OpenID style login supported by Facebook and Twitter
https://stackoverflow.com/questions/9128302
-
22-04-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am looking to allow users to register and login using their social network accounts from:
- yahoo
- aol
- etc
OpenID seems like a good option but it doesn't appear that Facebook or Twitter support it which kind of makes it useless. Any suggestions on a free (for large sites) option? OAuth seems good, but isn't that going to require the user to authenticate everytime? I want something more automated so they click 'twitter' and if they are logged in on twitter and have already granted authorization, they get automatically logged in on our site. I can handle the work on my site and have no probelm working with apis.
Thanks!
Solution
The OpenID Wiki lists multiple OpenId libraries for PHP (as well as other platforms), not being a PHP developer, but someone who is doing something very similar this should help you.
One other thing to bear in mind is that both Facebook and Twitter use the related OAuth standard and require you to register your application with them before you're able to use them as authentication providers.
You can find more information on using Facebook to authenticate your users here.
Hope this helps you.
OTHER TIPS
Each modern web language seems to be developing at least one library that can handle the various distributed login systems available.
Generally, you want one that will support generic OpenID, OAuth (which buys you Twitter), Facebook, OpenID with Directed Identity (which Google uses) and Microsofts Live Login.
For PHP HybridAuth can do this. Spring Security appears to work for Java, and has a Grails plugin. Authlogic or Devise. Python has SocialAuth.
Or, if you do not need to have direct control over your login process you can use RPXnow, which is the same idea, but as a service. Google has something similar with Google Identity Toolkit. Be careful of lock-in.
Please leave comments to this answer and I will update with the "right" tool for each language.
Definetly Facebook. You can grab all data if the user allows it.
Still I would prefer only using some real basics and only ask for the other data on demand.
What exactly is the problem with providing multiple options? (Or maybe I understood your question incorrectly)
I use https://rpxnow.com/, it allows you to use multiple providers, you get to choose a certain number (I think it's 4) for free.
