使用 appengine 的 openid
我目前正在 appengine 中通过 openid 使用联合身份验证 - 使用 google、yahoo、myopenid 作为提供程序
对于我应该在数据库中存储什么来识别返回用户有一个疑问。 我当前正在存储 user.getNickname() - (对于谷歌和雅虎,这会返回用户的电子邮件地址)。
User user = userService.getCurrentUser();
String username = user.getNickname();
我用它来存储和检索用户特定数据。
这是正确的方法吗? getNickName() 是否唯一?我看到 User 还有一个 user.getUserId() 方法和一个 user.getEmailId() 方法。
我应该使用 user.getUserId() 代替吗?
I am currently using federated authentication via openid in appengine - using google, yahoo, myopenid as the providers
Had a question as to what I should be storing in my db to identify returning users.
I am currently storing user.getNickname() - (for google and yahoo this returns the users email address).
User user = userService.getCurrentUser();
String username = user.getNickname();
I use this to store and retrieve user specific data.
Is this the right way to proceed? Is the getNickName() unique? I see that User also has a user.getUserId() method and a user.getEmailId() method.
should I be using user.getUserId() instead?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
getNickname()- 不要使用它。getUserId()- 这是合乎逻辑的,但问题可能是用户忘记了他们在您的网站上使用的身份(我有多个 Google 帐户,还有 yahoo 和 facebook)。这可能会导致为一个人创建多个帐户。但后来,有些人想要这个。此外,即使 Google 用户更改了电子邮件,这一点也保持不变。'getEmail()` - 实际上类似于 ID - 唯一标识用户。如果用户使用别名电子邮件登录,则可能与 ID 不同。
无论如何,当用户第一次登录时,您应该向他们显示“帐户详细信息”页面(就像 SO 所做的那样)。此外,您应该让用户能够将身份聚合到一个帐户中。
getNickname()- don't use this.getUserId()- this is logical, but the problem could be if users forget which identity they used with your site (I have multiple accounts with google, plus yahoo and facebook). This could lead to creating multiple account for one person. But then, some people want this. Also, this remains the same for Google users even if they change their email.'getEmail()` - is actually similar to ID - uniquely identifies user. CAN be different then ID if users use alias email to log in.
Anyhow, when users log in for the first time you should present them with Account Details page (like SO does). Also, you should give users ability to aggregate identities into one account.