Forum OpenACS Development: Re: Authentication app from Facebook to OACS site
Later, i will develop other tools of interactivity. That's for sure.
How would it be done the first time of signon?
Let's say the user already has an account on facebook and an account on my site. But he's signing on my site with facebook credentials for the first time. Thus, my site doesn't have his facebook's info yet. How would he gets athenticated?
I was wondering the scenario:
Once we agrees on providing his facebook's credentials and submit his facebook user and pwd, the OACS side would be allowed to run an API and to get more data from facebook, such as his email and etc.
Then, I believe at this stage it's safe to get him into the OACS website. However, this would be a log in without pwd on the OACS side.
Would I care about it? Because the user already proved authenticity with his facebook credentials, so it shouldn't be a problem to get him signed in.
do I make sense?
If so, is it correct to design such a ad_proc to retrieve more that from facebook and then gets him signed on?
Do you agree?