I am writing an application and using OAuth for authentication and to get user email. I am successfully certifying, but I am sure how to manage the session. I want to preserve my resources but I do not think I want to re-authenticate each user on a new page.
Current flow What is now? I am using OAuth2 for services that support (Facebook, Google) and OAuth1a for those people. Do I have good resources on returning users and the best practice for users who have time to maintain session or user returning to the site? When a user logs in to Google, your app gets a (fresh + access) token Pair will get. You can use the access token to get the user's resources and you can use fresh tokens to get a more access token if necessary. When you need it, your app can get more access tokens by exchanging your latest tokens. More information about how this can be done on Facebook here - Also, there is a good answer in the link given in response to this question that you should look for. Feel free to post any more questions.
No comments:
Post a Comment