Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
deM1d2013-08-23 12:03:57
API
deM1d, 2013-08-23 12:03:57

OAuth on mobile?

Hello.
An approximate scenario is as follows: There is a web service, a mobile client for this service, and a social network. On a mobile device, there are two ways of authorization: through a login and password and through a social network. With the first one, it is clear that the user has registered an account, and always logs in with a password. The second case, authorization through a social network. As I see it: A user on a mobile phone receives an access_token, which he sends to the server. The token server receives all the user information along with the social id. networks and writes data to the database. In subsequent times, the user always gives me his token, for the token I get the social id. networks, and I make a selection from the database for this field. Simply put, the main identifier of the user who logged in through the social. network. is its social network ID. And now the question is: Am I thinking correctly, or do normal people do everything differently? Thank you.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
U
UZER2006, 2013-08-23
@UZER2006

Otherwise.
Look at oAuth of the same Vkontakte. If authorization is required, you redirect the user to the Vkontakte server, he authorizes him in the application (previously created), and redirects back to your server (at the address specified in the application settings on the social network), and sends an additional temporary code to GET. By this code you (already on the server) access the social. networks, get a user ID and an access_token, with which you can already make requests to the API and do everything else you need (from what is allowed at the authorization stage), for example, get the necessary information about the user at the first login.
The next time everything happens the same way.
It is worth considering that the user will notice something only the first time (it will be necessary to allow the application access), all subsequent authorizations will occur almost imperceptibly (perhaps a little longer, due to two consecutive redirects).

Similar questions
A
Artur Lastname2019-11-22 08:32:03
How to disable all OTHER handlers on a js/bitrix element? 3Reply
A
Alexander Nikolaevich2017-06-25 15:01:39
Where is the navmenu-v element? 1Reply
K
Kirito Asumo2017-07-02 12:02:52
How to make the computer think that the modem is not a cellular connection? 4Reply
B
blabs2016-07-13 13:21:10
What does the algorithm for checking text for uniqueness on the network look like? 1Reply
M
mimiroff2018-12-13 10:53:53
How to get hooks and statistics for OK Lead Ads? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question