Unique ID for Google/Facebook Oauth

时光毁灭记忆、已成空白 提交于 2020-02-04 08:50:12

问题


Are there any unique and unchanging tokens available to me from Facebook and Google?

Once I get the tokens and user information back from Oauth login, it is then up to me to search my database for a user with that email and create an account if it does not exist.

The problem is, even if the oauth token and therefore email is authentic, I still want to use a second token in the database query when I look up the users.

Do Google and Facebook have any unique ID fields that I can bundle with the email when I create users to aid in the security of my login process?

p.s. I am using Mean stack and passportjs if there are any known validation or token generation packages that might help me.

Thanks.


回答1:


Both providers expose a unique user ID.

  • Google documentation:

    [...] you can safely retrieve and use the user's unique Google ID from the sub claim.

  • To retrieve the Facebook user_id, make a call to:

    https://graph.facebook.com/me?fields=id&access_token=xxx



来源:https://stackoverflow.com/questions/39029299/unique-id-for-google-facebook-oauth

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!