Socially authenticated user using laravel Auth
Question
I am storing the user details of social authentication to User (authenticable) model, and login the user. So that i can use the features of Auth .
Callback function:
public function callback()
{
$user = Socialite::driver('facebook')->user();
$newUser=new User();
$newUser->name=$user->name;
$newUser->email=$user->email;
$newUser->remember_token=$user->token;
$newUser->save();
Auth::login($newUser, true);
return redirect('/');
}
But, I then realize anybody could login with just username with built in login, normal login form, if no password validations are required since we donot store facebook password in our app database. and password will be NULL in this case.
I think of deleting the user details after user logs out.
public function logout()
{
User::find(Auth::user()->id)->delete();
Auth::logout();
return redirect('/')->with('message','logged out!');
}
This doesnot looks so good. What is the correct or better way to make the socially authenticated user use Auth ?
1 answers
solution1
1 2016-12-05 11:04:45
It means you haven't understand the life cycle of the api carefully. Redirect the user to the facebook page let them accept your application and signed in. After the facebook will provide the details of user and store them fb_id,email,phone etc then create them. Next time when they login make sure the fb_id matches with the returned from the user login. So deleting the user after registration makes no sense.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.