使用laravel Auth进行社交身份验证的用户
[英]Socially authenticated user using laravel Auth
问题描述
I am storing the user details of social authentication to User (authenticable) model, and login the user. 
我将社会身份验证的用户详细信息存储到User (可认证)模型中,并登录用户。 So that i can use the features of Auth . 这样我就可以使用Auth的功能。
Callback function: 回调函数:
public function callback()
{
$user = Socialite::driver('facebook')->user();
$newUser=new User();
$newUser->name=$user->name;
$newUser->email=$user->email;
$newUser->remember_token=$user->token;
$newUser->save();
Auth::login($newUser, true);
return redirect('/');
}
But, I then realize anybody could login with just username with built in login, normal login form, if no password validations are required since we donot store facebook password in our app database. 但是,然后我意识到,如果不需要密码验证,因为我们不将Facebook密码存储在我们的应用程序数据库中,那么任何人都可以仅使用内置登录名和常规登录名的用户名登录。 and password will be NULL in this case. 在这种情况下,密码为NULL。
I think of deleting the user details after user logs out. 我想在用户注销后删除用户详细信息。
public function logout()
{
User::find(Auth::user()->id)->delete();
Auth::logout();
return redirect('/')->with('message','logged out!');
}
This doesnot looks so good. 这看起来不太好。 What is the correct or better way to make the socially authenticated user use Auth ? 使经过社会身份验证的用户使用Auth的正确或更好的方法是什么?
1 个解决方案
解决方案1
1 2016-12-05 11:04:45
It means you haven't understand the life cycle of the api carefully. 这意味着您没有仔细了解api的生命周期。 Redirect the user to the facebook page let them accept your application and signed in. After the facebook will provide the details of user and store them fb_id,email,phone etc then create them. 将用户重定向到Facebook页面,让他们接受您的应用程序并登录。在Facebook将提供用户的详细信息并将其存储后,再创建fb_id,电子邮件,电话等。 Next time when they login make sure the fb_id matches with the returned from the user login. 下次他们登录时,请确保fb_id与用户登录返回的内容匹配。 So deleting the user after registration makes no sense. 因此,注册后删除用户毫无意义。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.