D
D
devel7872014-07-28 15:03:15
Django
devel787, 2014-07-28 15:03:15

How to implement "Register with Facebook" similar to Instagram on server-side?

Good afternoon.
There is an idea to make a mobile application (Android, iOS) that will interact with the server through the API.
On the server side, Django REST framework for APIs and a small self-written Django admin panel .
User registration is expected through the mobile application and exclusively through Facebook (there should be no registrations with email+password input). A one-to-one case, like when using the Instagram mobile app on Android.
Tell me, please, in which direction to "dig" and how such things are done?
I tried to google it myself - nothing but the usual authorization through the social. networks for mobile applications could not be found...
As I see the task at the moment:
1) The user has installed our application.
2) The user opened the application and saw the registration screen.
3) The user selected ”Register with Facebook”.
4) Somehow there was a validation of the Facebook login + at this stage on the server we must create a new user or make sure that such a user already exists - how can we do this on the server ??
-- at what point in time and what exactly will the mobile application tell the server for this operation??
5) After “log in”, our application sends requests to the API indicating the specific user (and his password?) Who registered / logged in through the social. network.
Interested in a general understanding of this kind of interaction, and more from the server side.
I will be glad for any hints.

Answer the question

In order to leave comments, you need to log in

1 answer(s)
F
FanKiLL, 2014-07-28
@devel787

The user clicks on the button, you take the user id on Facebook, it is unique and other information, you can also take the access_token if you want to make some requests to Facebook.
Next, send the user id to the server, it is unique, remember, look if there is a user with the same id from Facebook. If not, then you can register a user, make a user and bind this facebook id to it. All now the user is registered and facebook id is attached to him.
If he clicks on a button in the application - you send facebook id and the user with such facebook id is on the server, you can consider this as a login and skip the user to your application.
On the fifth point, no, you can’t transfer a password, when registering or logging in (better when logging in), you already generate your own access_token for the user with which he can access your server.
Issue your access_token upon login or after registration.
Now when a user has an access_token from your server, he can make requests to your api server. This means that it must send this token with every call to your server, how it will do this depends on the design of your api. Facebook has it as a parameter in the URL.
I prefer the access_token to be sent in http headers.
Approximately, so ... One answer cannot be unsubscribed here (Ask, we will answer.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question