堆栈内存溢出
  简体   繁体   English

无需用户名和密码的身份验证

[英]Authentication without a username and a password

 原文  2009-06-07 06:39:36       php/ authentication/ air/ facebook

问题描述

I'm working on an AIR application that connects to facebook. 我正在开发连接到Facebook的AIR应用程序。 After the user connects to his facebook account he should be able to do stuff to the account linked to the facebook account he's logged into. 用户连接到他的facebook帐户后,他应该能够对链接到他登录的facebook帐户的帐户进行操作。

Typically, you'd have a login() function that accepts a username and a password, authenticates them and sets a cookie. 通常,您会有一个login()函数来接受用户名和密码,对其进行身份验证并设置cookie。 In my case, all I have after the user logs in to facebook is his facebook user ID, how can I authenticate users based on that? 就我而言,用户登录到Facebook之后,我所拥有的只是他的Facebook用户ID,如何基于该用户身份进行身份验证?

Thanks, 谢谢,

1 个解决方案

解决方案1
 4 已采纳  2009-06-07 09:42:32

You're not really doing the authentication any more if your having the user log in via their Facebook account, now Facebook is handling the authentication and you just have to link it to the account that Facebook gives you. 如果您让用户通过其Facebook帐户登录,那么您实际上就不再进行身份验证了,现在Facebook正在处理身份验证,您只需要将其链接到Facebook为您提供的帐户即可。 That is the whole point as far as I can see. 据我所知,这就是重点。

edit: 编辑:

Yes, but say i use a function like login(FBuid), how does the backend check that the user is actually logged in with FB and is actually authenticated? 是的,但是要说我使用了诸如login(FBuid)之类的功能,后端如何检查用户是否实际使用FB登录并进行了身份验证?

If you have it set up correctly, the API will connect to Facebook and then their scripts will check if that user is already signed in (ie. they have an active session, which is confirmed by a valid facebook session cookie). 如果设置正确,API将连接到Facebook,然后他们的脚本将检查该用户是否已登录(即,他们具有有效的会话,并由有效的Facebook会话cookie确认)。 If they don't have an active session then it will ask them to log into their account and return you the Facebook user Id. 如果他们没有活动的会话,它将要求他们登录其帐户并返回您的Facebook用户ID。 If they do have an active session they will just return the Facebook user id to you without asking the user for anything. 如果他们确实有一个活跃的会话,他们只会将Facebook用户ID返回给您,而不会询问用户任何事情。 The Facebook user Id that you receive back is your confirmation that they have been authenticated. 您收到的Facebook用户ID是对他们已通过身份验证的确认。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 没有用户名/密码的身份验证? - Authentication without username/password? 没有用户名/密码的电话间隙认证 - Phonegap Authentication without username/password 获取用户名和密码进行身份验证 - Fetch Username and Password for Authentication 在没有OAuth的情况下将加密的用户名/密码存储在远程网站上以进行身份​​验证 - Storing encrypted username/password for authentication on remote website without OAuth 发送用于HTTP身份验证的用户名和密码 - Sending username and password for HTTP Authentication 不使用密码和用户名登录 - Logging in without using password and username 在libcurl用户名/密码验证方面需要帮助 - Need help with libcurl username/password authentication 用户名密码令牌的SOAP身份验证失败 - SOAP Authentication of Username Password Token Failed 聊天验证密码和用户名以获取IP和端口 - Chatting authentication of password and username to get IP and port CakePHP身份验证-不同表中的用户名和密码 - CakePHP Authentication - Username and Password in different tables
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM