There was already a similar question, but I would like to clarify with the developers who implemented LogIn via facebook or Google.
I plan to implement this: if the user receives permission from these networks, then I take his mail as a unique identifier and send it to the server for registration.
- Do I need something else to identify the user, so as not to face the pitfalls in future work?
And the question is about how to be if the user made registration through facebook, and then bought a phone and tries to log in through the standard login-password form. The server will not be able to recognize this user as he did the registration through facebook.
As far as I was able to figure out, there are 2 possible solutions:
- When registering the user through the network, after we get access to the account, ask to create a password for his account in our application and thus we will have mail that we will receive from the account and a password that the user will enter for registration and in the future we will be able to recognize it only through the registration form through which he did it, but also through the standard one (login + password).
- The second possible solution is when the user tries to log in to the account via login / password, having previously registered through the network, we check his mail and the server returns a message to the user, please but this email address was registered through facebook, please log in using this feature.
How would it be better to realize this from the practicality of something ...?
