Using OAuth token from Facebook Login as a password2019 Community Moderator ElectionSecure hash and salt for PHP passwordsHow do you use bcrypt for hashing passwords in PHP?Is there a way to skip password typing when using https:// on GitHub?Facebook access token server-side validation for iPhone appGit push requires username and passwordWhy is char[] preferred over String for passwords?Rest API to validate external OAuth 2.0 access tokenBest practice for REST token-based authentication with JAX-RS and JerseyLogin with password and facebookBest practices for server-side handling of JWT tokens
Virginia employer terminated employee and wants signing bonus returned
Is "conspicuously missing" or "conspicuously" the subject of this sentence?
Should I tell my boss the work he did was worthless
Does a warlock using the Darkness/Devil's Sight combo still have advantage on ranged attacks against a target outside the Darkness?
Is it "Vierergruppe" or "Viergruppe", or is there a distinction?
What problems would a superhuman have whose skin is constantly hot?
Should I take out a loan for a friend to invest on my behalf?
Was Luke Skywalker the leader of the Rebel forces on Hoth?
Bash script should only kill those instances of another script's that it has launched
Intuition behind counterexample of Euler's sum of powers conjecture
Why doesn't this Google Translate ad use the word "Translation" instead of "Translate"?
Find longest word in a string: are any of these algorithms good?
How to draw cubes in a 3 dimensional plane
Why does liquid water form when we exhale on a mirror?
Are all players supposed to be able to see each others' character sheets?
What are actual Tesla M60 models used by AWS?
'The literal of type int is out of range' con número enteros pequeños (2 dígitos)
Reverse string, can I make it faster?
How to detect if C code (which needs 'extern C') is compiled in C++
Conservation of Mass and Energy
They call me Inspector Morse
Can you reject a postdoc offer after the PI has paid a large sum for flights/accommodation for your visit?
In the quantum hamiltonian, why does kinetic energy turn into an operator while potential doesn't?
How to write ı (i without dot) character in pgf-pie
Using OAuth token from Facebook Login as a password
2019 Community Moderator ElectionSecure hash and salt for PHP passwordsHow do you use bcrypt for hashing passwords in PHP?Is there a way to skip password typing when using https:// on GitHub?Facebook access token server-side validation for iPhone appGit push requires username and passwordWhy is char[] preferred over String for passwords?Rest API to validate external OAuth 2.0 access tokenBest practice for REST token-based authentication with JAX-RS and JerseyLogin with password and facebookBest practices for server-side handling of JWT tokens
How do I properly replace username/password authentication server-side, and instead authenticate a user using an OAuth token (From Facebook login)? I'm new to OAuth, and usually use password based systems, so help is kindly appreciated.
The plan is this:
1) User goes on my site and clicks "Login with Facebook", logs in
2) My site would then get the OAuth token + user email from FB, and send it to my server, which would make an account (Username= user's FB email, password= OAuth token), and the email/ token would also save to localStorage for the user
3) When the user returns to the site, it would try to login to my server with the saved localStorage email (username) and token (password).
How do I validate that the token is valid from FB server-side upon login (to prove that the user controls that email)? Also, is it a good idea to use the first gotten token as a password, or can the token change on later logins, eg from another browser? If it changes, I would need to validate the token on every login, right?
Thanks for any advice, STAN
authentication login oauth-2.0 passwords facebook-login
asked Mar 7 at 6:45
Stan TatarnykovStan Tatarnykov
428711
add a comment |
How do I properly replace username/password authentication server-side, and instead authenticate a user using an OAuth token (From Facebook login)? I'm new to OAuth, and usually use password based systems, so help is kindly appreciated.
The plan is this:
1) User goes on my site and clicks "Login with Facebook", logs in
2) My site would then get the OAuth token + user email from FB, and send it to my server, which would make an account (Username= user's FB email, password= OAuth token), and the email/ token would also save to localStorage for the user
3) When the user returns to the site, it would try to login to my server with the saved localStorage email (username) and token (password).
How do I validate that the token is valid from FB server-side upon login (to prove that the user controls that email)? Also, is it a good idea to use the first gotten token as a password, or can the token change on later logins, eg from another browser? If it changes, I would need to validate the token on every login, right?
Thanks for any advice, STAN
authentication login oauth-2.0 passwords facebook-login
asked Mar 7 at 6:45
Stan TatarnykovStan Tatarnykov
428711
add a comment |
How do I properly replace username/password authentication server-side, and instead authenticate a user using an OAuth token (From Facebook login)? I'm new to OAuth, and usually use password based systems, so help is kindly appreciated.
The plan is this:
1) User goes on my site and clicks "Login with Facebook", logs in
2) My site would then get the OAuth token + user email from FB, and send it to my server, which would make an account (Username= user's FB email, password= OAuth token), and the email/ token would also save to localStorage for the user
3) When the user returns to the site, it would try to login to my server with the saved localStorage email (username) and token (password).
How do I validate that the token is valid from FB server-side upon login (to prove that the user controls that email)? Also, is it a good idea to use the first gotten token as a password, or can the token change on later logins, eg from another browser? If it changes, I would need to validate the token on every login, right?
Thanks for any advice, STAN
authentication login oauth-2.0 passwords facebook-login
asked Mar 7 at 6:45
Stan TatarnykovStan Tatarnykov
428711
How do I properly replace username/password authentication server-side, and instead authenticate a user using an OAuth token (From Facebook login)? I'm new to OAuth, and usually use password based systems, so help is kindly appreciated.
The plan is this:
1) User goes on my site and clicks "Login with Facebook", logs in
2) My site would then get the OAuth token + user email from FB, and send it to my server, which would make an account (Username= user's FB email, password= OAuth token), and the email/ token would also save to localStorage for the user
3) When the user returns to the site, it would try to login to my server with the saved localStorage email (username) and token (password).
How do I validate that the token is valid from FB server-side upon login (to prove that the user controls that email)? Also, is it a good idea to use the first gotten token as a password, or can the token change on later logins, eg from another browser? If it changes, I would need to validate the token on every login, right?
Thanks for any advice, STAN
authentication login oauth-2.0 passwords facebook-login
authentication login oauth-2.0 passwords facebook-login
asked Mar 7 at 6:45
Stan TatarnykovStan Tatarnykov
428711
asked Mar 7 at 6:45
Stan TatarnykovStan Tatarnykov
428711
edited Mar 7 at 19:30
Stan Tatarnykov
asked Mar 7 at 6:45
Stan TatarnykovStan Tatarnykov
428711
asked Mar 7 at 6:45
Stan TatarnykovStan Tatarnykov
428711
asked Mar 7 at 6:45
Stan TatarnykovStan Tatarnykov
428711
428711
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55037607%2fusing-oauth-token-from-facebook-login-as-a-password%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55037607%2fusing-oauth-token-from-facebook-login-as-a-password%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
