Question

Currently I am using the traditional way to implement a member system, e.g. a user table, and other related tables (e.g. user_product) have a foreign key linking to that user.

The problem is, how can I work with member login through Facebook? E.g.

  • Should I use the info retrieved from Facebook to create a new account for them automatically in my user table?

  • Should I create a new table, e.g. facebook user, then insert into it?

  • Should I just ignore the login info, without adding it to my database?

The problem I encounter is that there is a user_id, and people who log in from Facebook will not have it. Therefore, when they use a function, e.g. purchase, I cannot insert the record. However, if I add them to my user table, there is some info missing, e.g. password, phone... So what is the common practice for handling login through Facebook? Thanks


Solution

There are a few different ways this is handled in practice. Some services require a user to still fill in information, even after the user clicked "Login through Facebook". Unless there is information that you absolutely need, I would advise against this approach.

You could take a polymorphic approach to users and have a regular users table and a Facebook users table. There are other ways to approach inheritance in SQL databases too, but this can get complicated.

A third approach would be to have Facebook id and auth tokens as nullable columns on your users table. This would also require you to either make the password column nullable, or set it to something long and random. This way, Facebook-associated accounts function identically to other accounts, with the exception of the way they sign in. Since you have their email, it should still be possible for Facebook users to make use of a "Reset password" option to get a password.

Edit:

You'll need to create columns for the things you need in order to maintain a Facebook record for a user. Facebook id, oauth token, and oauth secret are among these. When a user clicks "Sign in with Facebook", upon receiving a response from Facebook, you should run a check to see if there is a user with the given Facebook id. If one exists, sign the user in. Otherwise, create one.

Even easier would be to look at an OmniAuth solution. OPAuth is one such solution. Introducing something like this may require you to rework some existing code though.
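The nullable-column approach and the find-or-create check described in the answer, as an added example that is not part of the original answer. Table, column and function names are hypothetical, it uses Python's built-in sqlite3, and it assumes `facebook_id` and `email` come from a Facebook response your server has already verified.

```python
import hashlib, hmac, os, sqlite3

# Hypothetical schema: one users table, Facebook accounts have a NULL password.
SCHEMA = """
CREATE TABLE users (
    user_id       INTEGER PRIMARY KEY,
    email         TEXT NOT NULL UNIQUE,
    password_hash BLOB,          -- NULL for Facebook-only accounts
    password_salt BLOB,
    facebook_id   TEXT UNIQUE    -- NULL for password-only accounts
);
CREATE TABLE user_product (
    user_id INTEGER NOT NULL REFERENCES users(user_id),
    product TEXT NOT NULL
);
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def register(db, email, password):
    salt = os.urandom(16)
    cur = db.execute(
        "INSERT INTO users (email, password_hash, password_salt) VALUES (?, ?, ?)",
        (email, _hash(password, salt), salt))
    return cur.lastrowid

def facebook_sign_in(db, facebook_id, email):
    # Assumption: both values were taken from a server-side verified response.
    row = db.execute("SELECT user_id FROM users WHERE facebook_id = ?",
                     (facebook_id,)).fetchone()
    if row:
        return row[0]            # existing Facebook user: sign in
    # UNIQUE(email) makes a clash with an existing account raise, not merge.
    cur = db.execute("INSERT INTO users (email, facebook_id) VALUES (?, ?)",
                     (email, facebook_id))
    return cur.lastrowid         # new user_id usable as a foreign key

def password_login(db, email, password):
    row = db.execute(
        "SELECT user_id, password_hash, password_salt FROM users WHERE email = ?",
        (email,)).fetchone()
    if row is None or row[1] is None:
        return None              # a NULL password must never match any input
    return row[0] if hmac.compare_digest(row[1], _hash(password, row[2])) else None
```

The explicit `row[1] is None` check is what keeps a Facebook-only account from being reachable through the password form until the user sets a password via the reset flow.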

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow