Currently, I'm using Parse to handle my backend, and I have multiple ways to login -> via regular email/password and via linkedin.
Parse has a specific method of logging in requiring username/password.
If a user registers through linkedin, I hash a combination of his information as his password, and login through parse. (i.e. username: user's linkedin account / password: hashed version of user information).
If a user registers through email, the user sets his own password, logs in through parse (i.e. username: user's email / password: user's predefined password).
There's no way to retrieve a plain text version of the password, so what would be a good way to handle login through linkedin when the user has registered regularly (set his own password), and vice versa?
1 Answer 1
What StackExchange seems to do (I haven't seen the database schema) is to separate the notions of user account and login/authentication. You can have (and I do) multiple authentication methods linked to the same account: Once you are logged in, you have the option to add other methods.
I would implement that by having a table for authentication accounts that point to user records in a 1:n relationship. That way, when you have someone log in, you can perform the full authentication and then look up which user record to use. I don't see any reason to keep the log-in type stored in the session, but obviously, you could.
Explore related questions
See similar questions with these tags.