I'm creating a database for a site that uses Facebook connect for user login/profiles.
I usually have a unique key (auto-increment) for all users. Is this still a good idea, even if every record (user) is going to have a unique Facebook id that I can use?
Why?
No. It's usually not a good idea even if you're not using Facebook Connect. But since Facebook Connect offers a stable, simple, unique identifier, you should use it. They're doing all the hard work--stand on their shoulders.
If you are going for a single FB id login, then you are fine with they uid that they provide. If you are planning (not necessarily now) to have your own users and also allow a login through FB Connect, then I recommend you to use two tables.
You can always match a FB user and your own users with the email that they provide you into your site and the email that they use for FB.
Related
I have been maintaining a site that allows users to login using the FB credentials. For the last 2 years this has all been working fine on our servers, still works fine actually.
Now I have added a new integration server. When a user logs in with their FB credentials a different ID is returned, different from the ID they get when they log into our older servers.
When i use either ID in facebook.com i get sent to the proper home page. So it looks like a user has more than one FB ID.
Has anyone seen this before? I am stumped. Have copied the working Facebook app definitions for the older servers, no joy. Stripped down the app definition for the new server, no joy.
One difference is that our new server is using an IP address, not a dns entry. Could that be the problem?
thanks for any help.
With the introduction of API v2.0, Facebook has made user ids app-scoped – meaning, each app will see a different app-scoped id for a user. Purpose is of course to improve user privacy.
https://developers.facebook.com/docs/apps/changelog#v2_0_graph_api
And before you ask: No, you can not get the “real” id from an app-scoped one – and you’re not supposed to.
If you need to identify users across different apps owned by your company, see what it says about the Business Mapping API (litte bit further down in the changelog.)
I have a well functioning login system right now. Im in the process of implementing Google+ and Facebook login too. Its works fine. But:
When a user logs in via Facebook or Google shall I create a new user in my web apps users database? If so, what should i fill as password?
Lets say a user has logged in via Facebook and he inserts a new book in the books table. What shall I put in the creator column of the inserted row? Usually I put the user id of the logged in user which has a row in the users table.
A user doesnt have an account on my web app. He signs in for the first time using Google+. What happens to that user if he later on chooses to remove my site from his connected accounts on google? This might be related to the first question.
Thank you.
The Documentation of the both API are really great and understandable. But I could find answers to my questions.
It's technically possible to use Google+ Sign-In without data persistence. As an example, you can see client-side-only Google+ Sign-In features on the Is Too Cute demo site.
There are certain benefits to adding data persistence and managing your own set of users but there is still a ton of great functionality you can get without needing to implement a data store:
Over-the-air Android installs
Interactive Posts
Personalize the site to the user
Access Google APIs while the user is actively browsing your site.
I want to set up my site to allow people to sign in using a facebook account. But in the near future I would also want to allow a provision to allow people to sign up using twitter, linkedin, even their open id accounts if they have one. However I need to set up my system so that a user may be able to login using whatever way he wishes and yet be able to maintain all his logins with his one account.
I have a users table which has the basic details:
USERS:
ID|NAME|EMAIL|PASSWORD
And think I should set up a logins table in this case like:
USERS_LOGINS
USER_ID|LOGIN_TYPE|LOGIN_ID
like in the second table if he signs up using facebook the Login type would read Facebook and id would be his fb id and so forth.
Is there any kind of service that already does this for you or any open source code I can use? My application is being built on the zend framework
Thanks
You might want to check out Janrain Engage. It will probably be the fastest and easiest way to support multiple login types.
I want to create a Facebook app that can operates inside IFrame / FB connect.
I have to store some user information inside my database, but I still can't decide whether to use Facebook UID as the primary key or to create my own user ID (and have the Facebook UID as a regular column). Which approach is commonly used and why?
Thanks !
Andree
The Facebook UID are also unique, as far as I am concerned, i always use the Facebook UIDs. Although that shouldn't a problem if you create your own ID but that would be an extra overhead.
I have a website that uses facebook connect to allow users to login to the site's login system. If I want to verify that the facebook user id's captured by our database match those who are authorized by facebook to our application by facebook and vice-versa, how would I do that?
For example, if I log in the facebook developer application and it tells me that we have 7 users (I assume this means 7 people who have "connected" to our application), where would I find a list of those 7 users.
I assume their facebook user id's are public information, yet I would like a way to obtain them in a list pertaining to our application.
I assume that this is common for the purposes of database maintenance (and in my case just to verify that everything is working properly).
Looks to me based on the dev console that you can't get a list like this. The best you can do is get friend.getAppUsers() which gives you a list of your friends that have the app installed. Bummer; I actually really need this too for an application I'm working on. I guess just use the post-authorize, deauthorize callback urls to manage the list of users on your end.
I missed first lot of application users too.
Then I start to add username and ID to database as soon as they visit the first page of application after authorizing the application.
Now anybody new comes to my application they are added to 'appusers' table