multiple oauth providers and implicit user account creation_问答_开发者

multiple oauth providers and implicit user account creation

开发者 https://www.devze.com 2023-04-06 06:23 出处：网络

I\'m learning oauth 2.0 and was wondering about the following scenario say I want a website to allow login with both twitter and facebook

I'm learning oauth 2.0 and was wondering about the following scenario

say I want a website to allow login with both twitter and facebook
when a new user logs in for the first time using twitter, the server checks if a user with this twitter id exists in the database and if not, creates a new user using values returned from twitter
the same user logs o开发者_如何学Gout and logs in again, this time using his facebook account

Question: how can I match the returning user with the account that was created the first time and avoid creating a second user account for the same user ?

Thanks

If you request for their email address, you can detect matches and merge that way?

If you are only interested in having the user log in, then you should be looking at openID, not OAuth.

Unless you explicitly ask the user to link their various accounts together for your app, there really isn't a good way to know that JohnDoe on Twitter is JohnDoe on Facebook.

You can ask the customer to link their accounts together and give them tools to merge two accounts (one created with Twitter account and one with Facebook account) together.