How integrate loopback third-party login for andro

Posted 2020-07-10 03:24

Question:

My project includes a web client and an Android client. I want to combine Google cross-platform sign-in and LoopBack third-party login.

In my scenario, I will never ask for a username and password. The user only uses the Google sign-in button for authentication and authorization on both the web and the Android app.

Let's assume it's the first time you have logged in with Google sign-in through my web site. In the LoopBack third-party scenario, if you do not exist in the db, it creates an account corresponding to the provider and external id. (In this case the provider is google and the external id is your unique google id.) This is for web, loopback-example-passport.

So, assume the above scenario for Android. You click only the Google Sign-in button and then the LoopBack server will be able to do the above things (as on web).

Is there a built-in way in loopback for this? If not, how can I integrate this scenario in loopback properly?

Answer 1:

Well, it's a somewhat old question, but I've encountered the same issue on Android, but with Facebook third-party login.

I didn't find any trivial solution, so after a lot of struggle I tried a different approach (change facebook to google for your case):

  1. UI user presses 'login with facebook' button (provided by facebook sdk for android)
  2. UI User signs in with facebook credentials
  3. Client side gets user's access token from facebook
  4. Client side encrypts the access token and passes it to the server.
  5. Server decrypts the access token, and talks with facebook graph API using access token - for validating the token, and if needed, for getting additional info related to requesting user.
  6. Assuming it's valid, the server checks if the user already has a local account (can be checked with email or id):
     - 6.1 If the user doesn't have an account, we create a new one with the Facebook User ID or email (LoopBack requires a password, so a random one can be provided). This will assign our own unique UserID and issue our auth ticket (`user.createAccessToken(ttl, callback)`).
     - 6.2 Else, continue with just assigning an auth ticket to the user for this session.
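Steps 5 and 6 of the answer above, as an added example that is not part of the original answer or of LoopBack itself. It assumes the server has already fetched a token-introspection response shaped like Facebook's `debug_token` result; the in-memory `users` map and the functions `checkIntrospection`, `findOrCreateUser` and `login` are hypothetical stand-ins for the LoopBack user model and `user.createAccessToken`. The check that matters most is that the token was issued to your own app, since a valid token minted for a different app must not log anyone in here.

```javascript
const crypto = require('crypto');

const APP_ID = '1234567890'; // constructed placeholder for your own app id

// Step 5: accept the token only if the provider says it is valid, it was
// issued to THIS app, it has not expired, and it names a user.
// Assumption: only short-lived user tokens are accepted, so a missing or
// zero expiry is treated as a failure.
function checkIntrospection(resp, nowSec) {
  const d = resp && resp.data;
  if (!d || d.is_valid !== true) return { ok: false, reason: 'invalid' };
  if (d.app_id !== APP_ID) return { ok: false, reason: 'wrong-app' };
  if (typeof d.expires_at !== 'number' || d.expires_at <= nowSec) return { ok: false, reason: 'expired' };
  if (typeof d.user_id !== 'string' || d.user_id === '') return { ok: false, reason: 'no-user' };
  return { ok: true, externalId: d.user_id };
}

// Step 6: in-memory stand-in for the user model, keyed by provider + external id.
const users = new Map();
let nextId = 1;

function findOrCreateUser(provider, externalId) {
  const key = `${provider}:${externalId}`;
  let user = users.get(key);
  const created = !user;
  if (created) {
    // 6.1: nobody ever types this password, so make it unguessable (LoopBack hashes it on save).
    user = { id: nextId++, provider, externalId, password: crypto.randomBytes(32).toString('hex') };
    users.set(key, user);
  }
  return { user, created };
}

// Steps 5-6 together; the random ticket stands in for user.createAccessToken(ttl, callback).
function login(provider, introspection, nowSec) {
  const res = checkIntrospection(introspection, nowSec);
  if (!res.ok) return { ok: false, reason: res.reason };
  const { user, created } = findOrCreateUser(provider, res.externalId);
  return { ok: true, userId: user.id, created, ticket: crypto.randomBytes(32).toString('hex') };
}

// Constructed sample responses (not captured from a real API call).
const NOW = 1700000000;
const good = { data: { app_id: APP_ID, is_valid: true, user_id: '10001', expires_at: NOW + 3600 } };
const otherApp = { data: { app_id: '999', is_valid: true, user_id: '10001', expires_at: NOW + 3600 } };
```

Calling `login('facebook', good, NOW)` twice creates the account once and issues a fresh ticket each time, while `login('facebook', otherApp, NOW)` is rejected with `wrong-app` before any account lookup happens.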