Facebook第二次验证用户
I'm developing a PHP/MYSQL powered system, and have facebook, twitter and normal login.
Each user DB record has 'type' assigned to it, which defines how they logged in, but here's where I run into a logical problem,
I record their email, username in the DB once they log into my website.
Now let's say they access the site through a different laptop and click 'login with facebook', how do I make sure that they are the same person? As you can change email and username on facebook. Do I record their user id from facebook or?
Any help would be apreciated
我正在开发一个PHP / MYSQL驱动的系统,并且有facebook,twitter和正常登录。 p>
每个用户数据库记录都分配了“类型”,它定义了他们的登录方式,但这里是我遇到逻辑问题的地方, p>
我记录了他们的 一旦他们登录我的网站,就会在数据库中显示电子邮件。 p>
现在让我们说他们通过另一台笔记本电脑访问该网站,然后点击“使用Facebook登录”,我该如何确保他们 是同一个人吗? 您可以在Facebook上更改电子邮件和用户名。 我是否在Facebook上记录他们的用户ID? p>
任何帮助都是apreciated p> div>
Facebook have the unique userid. You can use that one to identify the same person.
You do not have to store the email and username of the facebook user. Getting email address of the facebook user depends on the permission. So you can just save his profile id / user id. Do a mapping with your local userid and facebook id, so when next time user connects to facebook, get the fb id and then make a session with your local user id mapped with it.