I have few tables like example.
Users Books UsersBookPurchase
UID BookId UserId
UName Name BookId
Password Price
Email
This is fine. I am having my own login system but i am also using some 3rd party to validate like OpenID or facebook Authetication. My question is if the user is able to log in successfully using OpenID or facebook Authentication, what steps do i need to do i.e do i have to insert one fake row in Users table because if i do not insert how will integrity be maintained. I mean what user id should i insert in UsersBookPurchase when the person who has logged in using Facebook Authentication has made a purchase because the UserId is reference key from Users table. Please give me a high level overview of what i need to do because this is fairly common scenario.
Thanks in advance :)
Basically yes. Don't think of it as a fake row. What you should do is to create an actual user account based on the data provided by Facebook API (I am not that familiar with OpenID)
Facebook API will provide you with first and last name, email address, maybe some other data
Facebook does not have the concept of login name, users login by email address.
What you do is just create a new user from the data provided by API.
There are some things to watchout for: it is possible that user is already registered on your site. When you get data from Facebook you should search your own user table to see if the email address already belongs to your own registered user and it that case you can do some fancy things like mark that user as also having a facebook login.
If I were to do that, I'd abstracted login info into a separate table and have some sort of type in the User table. The type is used to identify what auth method is used, i.e. your own, Google, etc. If a user does select using alternative methods, you do need to have association but with a different type. But yes it is a new record.
Related
I'm doing this project these days and for that, I'm using firebase with React. In my project, I have two types of users 1. Student and 2. teacher, so in my site I want to use the same email id to create an account of both the stakeholders from one user, but firebase is not allowing me because I can create only one account using CREATEUSERWITHEMAILANDPASSWORD() method. so how can I create a teacher account if I already have a student account with one email id??
I know this question sounds childish but I am still learning.
so please help me out.
If you go to https://console.firebase.google.com/project/your-project-name/authentication/providers and scroll down to advanced, you can find a setting for allowing only one or multiple accounts per email.
You cannot, however, create multiple accounts with the same login method. So you cannot have users create two accounts with email & password. One account could be with email & password and another could be Facebook login, for example.
I have my own login form for my website. In addition I have also added google and facebook login.
My question is should I add those user data that's login from (fb or google) into my own userdata table or create a different one each for google and facebook.
1) If I add to my existing one, the password column would be left blank(as fb do not provide one) and anyone who knows the email will be able to access it easily.
2) And if I make different table then I think it will become little complicated or slower when trying to access a user data from across the different table.
What's the best choice of doing it or any other method that's better than this?
Make sure users have to enter a password when they login with Facebook/Google, or make sure regular users do not use a blank password - users without a password can only login with the Facebook/Google API.
DonĀ“t create a separate table, it will only get more complicated. Extend the existing one with IDs (from Facebook and Google).
I want to accomplish nearly the same thing as this question, which is to store authentication data from multiple sources (Facebook, Twitter, my own app, etc.) so that one person can log in to their account from any/all of the mentioned providers.
Following, I posted a screenshot of my two created tables.
The table "identity" will be responsible to store the login method (Facebook, Google or my own login system). An user can have one or more "identity".
In the table "identity", the column "adapter" will store the authentication method (facebook, google, myapp). The "hash" column will store the ID of the authentication method (for Google or Facebook), or if it's a record of my own app authentication method, the "hash" colunm will store the user registered password encrypted with SHA1.
My question is, for example: How can I detect if the user witch is authenticating through a Facebook account don't have already an "user" created with another authentication method? Because I don't want to create multiple users, to the same social auth account owner, or my own app account owner.
Can I get through this using the email column? So I can verify if the authenticating user already have a same e-mail registered in the "user" table, if he has, then I can create an identity with this same user_id?
If it is possible, I would recommend that you add the user before you add the identity id.
Check for existence of matching email before creating the user, then add the new identity.
I would have thought there should be a constraint on the identity that the user exists before creation. Otherwise you risk adding 'Identities' to the database with no connected user at all.
My website has a normal sign up and sign in process now I want to add google login (and later facebook, yahoo and ...) to my website but I'm not quiet sure how to change my user table.
Add all user info I get from google, facebook as new fields to my current users table? each login type gives me a first and a last name I just can keep one of them. the only user info to connect different login types with each other is the email address. So if a user has used different email for his/her facebook account than his gmail then each user will have lots of unused fields.
Using separate tables for each login types. have a google table, facebook table and ... and connect each record with a user in user table (if user has not signed up before google or facebook information will e used to create one). in this case user record will have a missing password field that of course can be resetted from account or by password forgotton function
which one is the correct way to do this?
currently I need to provide web site logging for different social accounts (facebook, google, twitter and so on).
I know that stackoverflow has same system and I wonder if there is stackoverflow database model in public access. So I can find right way to store user data in my db.
Currently I have next problems.
So, I have my table for users:
UserID
UserName
RegistrationDate
Email
Rating
For users who create account with web site form I use next additional info:
Password
FirstName
LastName
Avatar
I stock in question how to store data for users who login with social networks and what should I store.
It seems that I dont need to store facebook name, surname and so on. I thought about getting it with js on pages where I need it.
Also I am thinking how to provide user with adding facebook, twitter references and so on for his profile.
P.S.
I am using DotNetOpenAuth for user authentication via social networks. Working with asp.net MVC 3.
About functionality on my web site:
just adding articles and rating for user.
For comments I use https://disqus.com/.
Ideally, you should have two tables. One for Users and one for Identities. In the Users table, you store things like your application user id, name, emails, etc. In the Identities table, you link back to the person in the User's table, but have a 'network' field that says which network the Identities row is for (e.g. Facebook, Google, Twitter, etc).
The Identities table can store the User ID and details specific to that platform, e.g. User_ID for Facebook, Twitter username, etc. The user will have one entry in the Users table, but can have many entries in the Identities table, depending on how many networks the user has connected with.