Authorization through Vkontakte. What to store in the cookie?

0 like 0 dislike
To register for the site you plan to use the authorization through Vkontakte using authorization code flow. It is necessary to obtain the full name, email address.

But I need a week user went to the site, and have already been authorized.

What is stored in the cookie for the safe use of the site and the inability of the substitution account?

How to organize the structure of a MySQL database to store sessions?
by | 34 views

2 Answers

0 like 0 dislike
Then this:
Generate a hash string for user_id + token, type SESSION_ID
And generate something like LOGIN_TIME

Both parameters recorded in the database. And when I visit the website compare the cookie and the database on two of these data.

This version of the rules?
0 like 0 dislike
Just like in a conventional authorization. When the user enters a username and password, you check the availability of the user and compare the password?
In the case of VC, during the first authorization, you keep in database the user id of the VC, and of soap, if needed. when re-authorization, check whether you have this user VK in the database, if there is, authoritiesi it.

Or the question is not VC, and the method of authorization?

Related questions

0 like 0 dislike
1 answer
0 like 0 dislike
4 answers
0 like 0 dislike
3 answers
110,608 questions
257,186 answers
33,795 users