Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+8 votes
in Q2A Core by

I'm looking for some input on how to integrate Facebook Connect into Q2A. By extension the same approach will be used for other single-sign-on implementations in future. Here's what I am thinking at the moment - please let me know what you think:

  • To enable Facebook Connect, each installation of Q2A will need to sign up for a Facebook application ID and secret key. (This is inevitable.)
  • On Q2A sites with Facebook Connect enabled, if a user is not logged in, the Facebook Connect button appears on both the login and register pages.
  • Clicking this button will take a user to the usual Facebook confirmation, to allow the site to get access to the user's details.
  • When logging in for the first time via Facebook Connect, a new Q2A account will be created for the user, which is associated with their Facebook ID.
  • Each time a user logs in to Q2A via Facebook Connect, i.e. not only the first time, their Q2A account will be populated with the email and picture from their Facebook account. On their first login, their handle will also be set based on their name - if it's a duplicate of another user's, it will be transformed in some appropriate way to make it unique.
  • Users logged in via Facebook Connect cannot set their email manually via their account page, since anyway this will be updated from Facebook in future. They can however change their handle, and choose whether to show their Facebook avatar, or a different avatar instead.
  • A Q2A account associated with Facebook Connect can only be accessed via Facebook Connect, and not logged into another way.

Would love your input on whether this all makes sense.

related to an answer for: What are the additional features in 1.3?
You know, I really wished Facebook used OpenID instead of their own system.
Also, good luck! Facebook's API systems are notoriously convoluted and undocumented...
On second thoughts I think users who come via FB Connect should be able to modify their email as well. When they first sign in via FB, their email will be marked as confirmed (since Facebook requires this), but if they change it later in Q2A, they'll need to confirm it again the usual way.
Another change to the above. Because of how Facebook's Javascript API works, it made more sense to offer the Facebook login button alongside the standard Login/Register links at the top right, rather than only as an option on the login/register pages. And if a user logs in via Facebook, they will see the Facebook logout button in the top right, rather than the standard Q2A logout. This is necessitated by Facebook's terms and conditions.

3 Answers

0 votes
edited by

Seems to be very complete, only additional feature i can think about would be that a user could change somehow the account type, for the case that he does not longer wants to be a member of facebook.

Then, I am not sure, but when he cancels his permision for accessing his basic data, he somehow needs to be neutralized in the database, may be setting everything to anonymous.

Besides I allow me to recommend the http://thinkdiff.net/facebook/php-sdk-graph-api-base-facebook-connect-tutorial/ and http://thinkdiff.net/facebook/graph-api-javascript-base-facebook-connect-tutorial/ tutorials which seem to be well done.

Especially the discussion around could be of interest.


0 votes
I feel you covered all the points.
+3 votes
Everything seems fine except the final point. I would expect that users should be able to change their sign-in method if they want. For example they may delete their FB account, or change OpenID, or their provider may announce they are closing down. Also, anyone who has currently signed up with a regular account may want to switch to FB/OpenID.

For the login/register page, it would be nice to have something similar to Stack Overflow's page with links for Google, Yahoo, Facebook and so on.
Just to clarify, I do intend to implement Facebook Connect in the next release.
if you see it implemented here at the login excellent thanks gidgreen you the betsssss i waiting next release!!!
Yipiiiiiiee !! Testing the generously provided world best facebook feature.
Excellent, thank You so much, I wasnt sure what "next" finally means..
As I understand, a user could have two accounts, one only at q2a and one through facebook ? No problem for me, and once i quit facebook, i still have an account here. And, once a facebook user has changed his data it is not overwritten each time he enters through facebook. Very nice work !