I have my own login form for my website. In addition I have also added google and facebook login.
My question is should I add those user data that's login from (fb or google) into my own userdata table or create a different one each for google and facebook.
1) If I add to my existing one, the password column would be left blank(as fb do not provide one) and anyone who knows the email will be able to access it easily.
2) And if I make different table then I think it will become little complicated or slower when trying to access a user data from across the different table.
What's the best choice of doing it or any other method that's better than this?
Make sure users have to enter a password when they login with Facebook/Google, or make sure regular users do not use a blank password - users without a password can only login with the Facebook/Google API.
DonĀ“t create a separate table, it will only get more complicated. Extend the existing one with IDs (from Facebook and Google).
Related
Note: This is likely a duplicate question but I couldn't search for a solution/suggestion for my use case, so if anyone can re-direct me, that would be appreciated.
Problem: I have a NextJS application that runs on Prisma ORM and MySQL database. I am using NextAuth for OAuth authentication for sign up and log in.
So far the application works just fine but I want to check whether a user is logging in for the first time and redirect them to a set up page whether they would input personal details in order to populate a table on the database, so that the app can form a dynamic page based on their newly added information.
On the database, there are the user table (populated by NextAuth immediately at login) and the profile table.
Under NextAuth, the user table is populated automatically with the account's user name and email etc. However, that is not a unique entry and NextJS getStaticPath requires a unique entry to generate a dynamic page. That's why I have created the profile table to allow users to add their custom username where the dynamic URL will be generated (e.g. localhost:3000/u/[slug])
Here's my question - I want to check that the user is first time logging in and send a form for them to fill out the necessary information to input data onto the profile table, otherwise they would go straight to their profile homepage. What is the best way to check that and to redirect them to that form page?
Do I do it at server side with getServerSideProps by checking that the id from user table is missing from the profile table and do a redirect? Or is there some method that's customarily used to implement this "initial set-up" procedure?
How can we develop a voting website based on Wordpress where the landing page is login and password protected and logins and passwords are based on a preloaded database of users. The idea is to create a page for employees where they can enter after they provide the individual credentials. It cannot be based on a system where they register - their data should already be in a database.
I am assuming that you do not want different user roles for different users. If that is the case then you will need to create a function in your theme's functions.php file that will check if user is logged in using is_user_logged_in() and if not, redirect them to login page. In order to work around the problem of every user registering on site by themselves, you can create another piece of code that will iterate user details from a csv file, register them and set each user's password.
The reason for this suggestion/approach:
All the users are registered in your WP Users list so your passwords are not easily stolen.
You can assign custom user roles and capabilities later down the line if you wish.
You can do single or bulk addition of user down the line without redoing the same amount of efforts every time you need to add users.
You do not risk breaking the database structure in WP which is decently optimized.
Now do understand that you will need to leverage object caching and work using pre_get_posts to manage the large size of site.
Good Luck!!
I am new to Facebook development.
Is it possible to have a website login with Facebook + a non-FB database?
Specifically I would like my users to access Facebook information similar to Sociogram (http://coenraets.org/blog/2013/02/sociogram-a-sample-application-exploring-the-facebook-sdk-and-the-graph-api/) which I have gotten working with my own website app, but also tie in additional user information that Facebook does not keep - so that my users only have to have one login.
Any info on where to start researching would be helpful.
As you are talking about having your own database, i can guide you like this.
Use facebook javascript login to get premissions from user and save them to your database in which you may have other details to be added later for your website purpose
When you save details once from first login, you dont need to save them on next login. So Write code so that on first login check your database for user existance and if not then add him to database.
And in that database you can add extra field that facebook wont save like his height for example.
For this to happen you must have server side scripting knowledge to store the details to database. If you need further more details, i am here to answer.
I am working on a website, I have one problem ..
I have facebook users id in my database, now I want to get their names using their ids but without using graph api..
Is there any way to do so..
I assume you want to do this programaticaly... Short answer is - you can't.
If you want to do it manually you can simply navigate to this url: https://facebook.com/profile.php?id={USERS_ID}It will give you the users profile page where you can see their name IF their profile is publicly available.
Essentially you should request the users names and store them in your database when the users authenticate your application.
Anyone have any ideas on how I could get a unique username (but not the email address) for each user. Ideally, I'd show them a page asking them to specify a username for the site, but the only way I can think of doing that is to show it to them after they've authenticated via G Accounts or OpenId. But, that requires another page, and what if they navigate away without entering anything?
As you suggest, you need to ask them after they log in for the first time. Simply redirect them to that page until they fill it out.
Consider seriously, though, if you really need a username. A lot of sites demand one, but then use it for very little - and it's inconvenient for users to have to try and choose a unique one.