With yet another major Games company having personal details stolen, I want to hold as little identifying personal data as possible on my server.
Table qa_userlogins includes "source" eg "facebook" and "identifier" which could be used to retrieve data in real time from the external source.
In brief, what I would like to do is only allow login/"registration" using external accounts like (initially) Facebook, and then retrieve personal data from that "source" e.g. the Private Message functionality would obtain the email address from Facebook instead of my Q2A table.
I'm a relative PHP novice and am lost trying to follow the program logic. To start me off:
1. can anyone tell me how to allow only external login (Facebook) and remove Q2A login (N.B. on initial set-up I didn't set QA_EXTERNAL_USERS to true - but a fresh install is not a problem).
2. I think users are currently identified by email address??? and I'd want to identify them by source and identifier, any pointers as to where and what I should look for to change?
Hope someone can help.