I have a couple of questions regarding facebook integration and authentication in my social networking iOS application.
First of all, Users of my application are required to create an account and login before any content is available to them.
I have a separate backend system, so regular account registration inside my application is supported. When a user is logged in to an account he or she is supplied an access token which is used for future backend-requests, such as image-uploads.
Secondly, A user can choose to log in with Facebook, and thereby acquire an access token from the successfully opened FBSession
.
This leads to my first question: How do I use the access token acquired from Facebook to authenticate my users with my backend system? Should I send the acquired token to my backend and have the system use that token for this particular user until further notice, or is there another way to go about this?
--
Now lets say that I solved the problem in the first question...
My second question: Imagine that a user created an account and logged in the normal way (i.e. without facebook) The next time that user wants to use the application, he or she chooses to log in with facebook.
Now, In my backend-system, how would I know that these two users are the same, connect them and thereby be able to load the same content for both cases? Is it even possible to have hybrid accounts that supports double logins like that? A regular registration only requires email, username and password, so I cannot think of a way to determine that a facebook-loggedin-user is the same user as a normal-loggedin-user.
I Hope the above makes sense.