Question

I'm building a JavaScript application with Backbone, and implemented a RESTful interface for the user authentication with Laravel 4 as a backend (using Laravel's authentication mechanism).
All works nice and smooth.

I created a basic demo that allows the user to log in using their Facebook account.
In order to do this, I used the Facebook SDK for JS (web).

What I don't understand is how I can implement the following:
The user logs in the first time with his/her Facebook account, and the user data should be stored in my database automagically (i.e. email, first name, last name, gender, birthdate).
Imagine that the user decides to remove his Facebook account; (s)he may assume that (s)he'll still be able to log in to my web application using the default login screen of my own application.

But it is obviously not possible to upload their Facebook password to have it handled by Laravel's authentication.
So what is the most common solution to handle this problem?

Solution

The most common solution to provide a Facebook Login and re-use Facebook account details in your own login system is to use a Laravel library like Sentry, which supports OAuth2 (http://oauth.net/2/).

Because you are forcing a Sentry::login($user, false); for the user without a password, you might want to generate a password field to have a regular non-Facebook login. After a successful login to your website with OAuth2 against FB, you simply store the client-secret, log the user into your system, fetch the FB info you need and send an email with a generated PW for direct login to your application. Email: "Thank you for registering to this website via Facebook. Your PW is ....".

As pointed out by @har2vey, it's the same functionality as provided by the "resend my password" feature, but sent directly after login via OAuth and not on user request.

A Sentry example is already on SO: https://stackoverflow.com/a/19511907/1163786

Sidenote: It's unfair towards those who take the time to answer, if you simply delete your questions. I'm referring to switch-profiles-on-the-client-and-server. The answer could be useful to others as well.
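
The provisioning step described in the answer above, as an added example that is not part of the original answer or of Sentry. On first Facebook login it creates the local account with an unknown random password and returns a one-time, expiring token for a set-password link, the "resend my password" mechanism the answer refers to, used here in place of mailing the generated password itself. It is plain PHP 7.1+ with an in-memory array standing in for the users table; all function and field names are hypothetical, and the Facebook profile is assumed to have been fetched and verified server-side.

```php
<?php
// Added example: provisionFromFacebook, setLocalPassword and the field names are hypothetical.
// Assumes $fbProfile was obtained server-side after the OAuth2 login succeeded.

const SETUP_TOKEN_TTL = 3600; // seconds a set-password link stays valid

function provisionFromFacebook(array &$users, array $fbProfile, int $now): ?string
{
    $email = strtolower($fbProfile['email']);
    if (isset($users[$email])) {
        return null; // returning user: nothing to provision, just log them in
    }
    $token = bin2hex(random_bytes(32)); // appears only in the e-mailed link
    $users[$email] = [
        'facebook_id'   => $fbProfile['id'],
        'first_name'    => $fbProfile['first_name'],
        'last_name'     => $fbProfile['last_name'],
        // Random placeholder nobody knows, so the default login form cannot match yet.
        'password_hash' => password_hash(bin2hex(random_bytes(32)), PASSWORD_DEFAULT),
        'setup_hash'    => hash('sha256', $token), // store only a hash of the token
        'setup_expires' => $now + SETUP_TOKEN_TTL,
    ];
    return $token;
}

function setLocalPassword(array &$users, string $email, string $token, string $newPassword, int $now): bool
{
    $key = strtolower($email);
    $u = $users[$key] ?? null;
    if ($u === null || $u['setup_hash'] === null || $now > $u['setup_expires']
        || !hash_equals($u['setup_hash'], hash('sha256', $token))) {
        return false; // unknown user, token already used, expired, or wrong
    }
    $u['password_hash'] = password_hash($newPassword, PASSWORD_DEFAULT);
    $u['setup_hash'] = null; // single use
    $users[$key] = $u;
    return true;
}

// Constructed sample data, not real account details.
$users = [];
$profile = ['id' => '1000001', 'email' => 'Jane@example.com', 'first_name' => 'Jane', 'last_name' => 'Doe'];
$token = provisionFromFacebook($users, $profile, time());
var_dump(setLocalPassword($users, 'jane@example.com', $token, 'chosen-by-user', time())); // first use
var_dump(setLocalPassword($users, 'jane@example.com', $token, 'second-try', time()));     // token reuse
var_dump(password_verify('chosen-by-user', $users['jane@example.com']['password_hash']));
```

Once the user has set a password this way, the application's default login screen works for the account whether or not the Facebook account still exists.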

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow