smacca
asked on
Forms Authenticaition and Connect using Facebook or Twitter
Hey all,
We are developing a website that has standard forms authentication access to the underlying member system - nothing out of ordinary here!
How do we now integrate connecting using Facebook and/or Twitter?
Does anyone have experience with this and can point us in right direction.
We are just not sure what you do after you authenticate with Facebook/Twitter REST API - how do you assign forms authentication ticket?
Do you have to store the Facebook and Twitter details against the user account?
Would love to hear any commentary on this - much appreciated!
Thanks for your time.
Cheers.
Steve
We are developing a website that has standard forms authentication access to the underlying member system - nothing out of ordinary here!
How do we now integrate connecting using Facebook and/or Twitter?
Does anyone have experience with this and can point us in right direction.
We are just not sure what you do after you authenticate with Facebook/Twitter REST API - how do you assign forms authentication ticket?
Do you have to store the Facebook and Twitter details against the user account?
Would love to hear any commentary on this - much appreciated!
Thanks for your time.
Cheers.
Steve
ASKER
Hi,
Thanks for the great examples and comments.
You have given fantastic direction but we are unsure of how the Facebook username associates with the underlying authentication module.
Normally, we would:
1. Pass username to .net forms authentication (as with your example)
2. Use the Application Authentication events to check the user details and assign roles to the Principal.
However, when you use Facebook and/or Twitter authentication, these details have no relation to our underlying system (e.g. roles - admin, user, guest).
So, do we:
1. Have user login to the members area.
2. Have them authenticate with Facebook/Twitter and then STORE their details against their member information (account).
3. Then, when they return and sign-in with Facebook/Twitter we simply LOOKUP member account information using the Facebook/Twitter ID.
4. Then, get their native username and authenticate as you would normally (as well as reassigning userid to the native one for identity, principal and context)
Hope this makes sense as I would really love to get on top of this algorithm.
Thanks kindly for your time.
Steve
Thanks for the great examples and comments.
You have given fantastic direction but we are unsure of how the Facebook username associates with the underlying authentication module.
Normally, we would:
1. Pass username to .net forms authentication (as with your example)
2. Use the Application Authentication events to check the user details and assign roles to the Principal.
However, when you use Facebook and/or Twitter authentication, these details have no relation to our underlying system (e.g. roles - admin, user, guest).
So, do we:
1. Have user login to the members area.
2. Have them authenticate with Facebook/Twitter and then STORE their details against their member information (account).
3. Then, when they return and sign-in with Facebook/Twitter we simply LOOKUP member account information using the Facebook/Twitter ID.
4. Then, get their native username and authenticate as you would normally (as well as reassigning userid to the native one for identity, principal and context)
Hope this makes sense as I would really love to get on top of this algorithm.
Thanks kindly for your time.
Steve
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Great feedback. Thanks.
I assume you know how to authenticate with Facebook and Twitter using their respective API.
After you have authenticated the user, you can set your own cookie using
FormsAuthentication.Redire
or
FormsAuthentication.SetAut
More information can be seen here:
1) http://msdn.microsoft.com/en-us/library/ka5ffkce(v=VS.90).aspx
2) http://msdn.microsoft.com/en-us/library/system.web.security.formsauthentication.setauthcookie(v=VS.90).aspx
3) http://msdn.microsoft.com/en-us/library/ff647070.aspx