Authorization via link

B

bulbazaur2011-08-23 14:00:04

Email

bulbazaur, 2011-08-23 14:00:04

Good afternoon!

Some e-mail notifications come with such a link, when clicked on, the site opens and the user is authorized, even if there are no cookies. It is most likely done somehow through a hash, and an example is facebook. Tell me, what is the name of the technology?

Thank you.

Reply

Answer the question

In order to leave comments, you need to log in

7 answer(s)

A

Alexander, 2011-08-23
@zlobin

it’s probably better to make a hash of some information when generating a link and save it in the database, and when you access the link, compare whether there is such a hash in the database, if so, then log in

D

Dmitry, 2011-08-23
@Neir0

Can you give an example of such a link from Facebook?

S

Sergey, 2011-08-23
@butteff

I don’t know what the technology is called, but you can do something like this:
pass the get parameters in a path where the MD5 hash of the login and password will be. (in the address bar. For example, index.php?u=md5hash&p=morehash
On the server, process and log in the user.

U

Ura78, 2011-08-23
@Ura78

The technology is called "Give information to people" :) But seriously, I just want to warn you

A

Anton, 2011-08-23
@sHinE

MoyKrug uses such links in letters, this is the part of the question about the example.

1

1nd1go, 2011-08-23
@1nd1go

The link most likely contains a one-time password, which stops working after visiting the link. It's just that a long cookie is thrown that you are authorized.
Facebook doesn't allow it, by the way, I just checked it in an unauthorized browser.

I

Igor, 2011-08-24
@Lopar

My solution may be clumsy, but I added a cell to the user base to store the hash, and in the script itself I registered that with each successful login, the cell is reset to zero.
In the normal state, the field is empty; in the special state, the hash is deleted after a successful login.
Well, the link handler - by itself.