Choose an authorization scenario using social networks?

G

Gray2013-04-04 23:23:51

OAuth

Gray, 2013-04-04 23:23:51

I am considering authorization options using social networks:
- Facebook
- Twitter
- VK
- Odnoklassniki
VK and Odnoklassniki API do not give the user's email.
(Except for select projects like Afisha)
I believe that signing up/login with a social network should be one-click, but anyway, let's look at the options.
Fields on the registration form:
Last name First
name
Email
Password
Solutions:
1) Import data from the social network and automatically insert them into the appropriate fields on the registration form
(allowing the user to adjust them)
are automatically filled in:
- first name
- last name
then in a pop-up window or the next step, you need to ask to enter the user's email, and then send a registration confirmation link to this email and wait for confirmation.
as a result:
- clicking on the login button
- loading a page with permissions to access the account and obtaining permission from the user
- returning to the registration form or a popup requiring filling in the email field with pens.
— sending a request to confirm registration to the entered email, waiting for confirmation
Profit received by the user: the ability to enter the site without entering a password.
Do you consider this to simplify the user registration procedure?
2) Create a "defective" account and ask the user to fill in the necessary information in the process?
After logging in using Odnoklassniki or VK, we know the user's first and last name The user
actually works with the project in read-only mode, and when he wants to write a post / announcement, we ask him to:
complete the registration procedure
by entering an email
(and then send a confirmation link) and waiting for confirmation.
The creation of mailboxes in Yandex.Mail through social networks works according to this principle. It would be interesting to see the statistics.
It seems logical, but our project is available in read-only mode, so without any authorization, and I can’t even imagine what functions we can provide to “inferior” users.
That is, with this approach, the entrance with the help of social. There seem to be networks, but there is no point in it.
3)Use only social networks that give the user's email?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

S

Stalker_RED, 2013-04-04
@Stalker_RED

Do you need an authorized user, or do you need their confirmation email? If ease of login is a priority, then you can use services like Loginza or uLogin, and even if they do not give you an email, the user will always be able to re-login through the social network, and you can link the user's personal information to his profile.
And if you definitely need an email - demand it. Immediately or later - you know better.
For example, in an online store, you can allow leaving reviews without email, but you can already place an order after confirming your email or phone.
Of course, the above may not be suitable for your task, but you did not even leave hints about the description of the project.

I

IDVsbruck, 2013-04-05
@IDVsbruck

At an early stage of development, the goal was also to get a person’s first name, last name, email and location, regardless of whether the social network itself gives this data (it seems like Twitter does not give out the first and last name, Linkedin is soap, etc.) I am described in the post (true, Java, but I don’t think this is a problem).
True, then he refused this implementation - authorization is important. The need to enter a first name, last name and soap arises later, when actions are needed in relation to the user himself. And this can already be done through the interaction of an already authorized user and the site itself. By the way, that's why I, for example, separated the entities of the user's authorization record and the user's profile (structurally and in the database).