OAuth:
The way we implement the 'login with Google, Facebook, or Github' thing you see on some websites
When implementing a login feature (i.e. usernames/passwords, and a “logged in” vs “not logged in” status), we have two choices:
- Roll our own authentication, storing the usernames/passwords ourselves.
- Delegate that to some other identify provider.
The second choice is almost always preferable. Maintaining a database of usernames/passwords is an invitation to be hacked. And, even if your webapp is nothing special, people have a bad habit of reusing passwords across many different websites.
A common way of delegating authentication is via a protocol called OAuth.
This is the protocol that allows the “login with Facebook”, “login with Google”, etc. functionality
you see on many websites.
Related topics:
- OAuth: —The way we implement the 'login with Google, Facebook, or Github' thing you see on some websites
- OAuth: Authorizing GitHub Third Party Apps—Gradescope, and GitHub OAuth Apps you build yourself
- OAuth: GitHub Setup—Setting up a GitHub OAuth App to obtain client id and client secret
- OAuth: Google Setup—Setting up a Google OAuth App to obtain client id and client secret