My site's account creation / logging in
Just wanted to first say "thanks" to the contributors and owners of this site. I haven't done any web development in literally a decade, so I'm a bit out of things, and this looks like it wonderful resource.
And also, real quick, not sure if this is the right board or not, so please let me know if there is a better one here.
Okay, here goes. I'm developing a social networking site with an Perl/SQL backend. On some newspaper websites (for example), you can "log in" to post comments with your Facebook account or Twitter account. I'm looking to use OAUTH1 and OAUTH2 to do something similar, since most of my users will already have a FB account.
Here's the conundrum - the website's username and password will also be used for a mobile app that's not necessarily HTML-driven (ideally). This app will need to know the username and password that was used to create an account. Should go without saying that I'm not out to ask people for their FB or Twitter account login info, so ....
I'm trying to investigate if something like this is possible:
- User without an account comes to my site and logs in with his Facebook or Twitter account.
- His email address is captured from FB and Twitter account, and he is prompted to select a password for my site.
- In the future, he can interchangeably log in with Facebook/Twitter OR his account password that was created at his first login.
First, is this reasonable? Second, how would I go about creating an account and have those credentials interchangeable with the FB or Twitter credentials? I know I'm asking a mouthful, but just the broad strokes on how to address an issue like this (even just posting a few helpful keywords) would be greatly appreciated.
Thanks for reading. Let me know if I didn't make anything clear.