I am creating a website (PHP), an API (PHP) and a native iPhone application. I want users to log in with their Facebook account so that they can post reviews / upload photos via the website or iPhone app to our server / database. It will also save me time to create a complete user registration system.
I am trying to understand how to create a unified architecture for such a solution. I think of the following:
Registration:
- Create a database table containing my users (the table will have the following fields: id, facebook_uid, firstname, lastname)
- iPhone iPhone login scenario: user logs in via Facebook; clicking on the button allows me to allow my application; returns to the application with access_token (which is stored on his phone). After that, my own API is called to register the user (if he is not already registered in the database) with the data: facebook_uid, firstname and lastname.
- Internet login scenario: user login via Facebook; redirects to my configured return URL and logs in the user (if not already in the database) with these values facebook_uid, firstname and lastname
Product Review Publication
Iphone App: make a call for my API with the following parameter input: review_text, facebook access_token. My API will then make a server-side API call to facebook to get facebook_uid. When I restored facebook_uid, I insert a review record for this user on facebook into the database. (Instead of sending Facecbook access_token, I could directly send the facebook_uid value to my API. But I thought it might be less secure because everyone could insert a tip on how to behave with another user if he knows their facebook_uid)
Website: Using the Facebook Connect PHP library, an FB login session is available, so I can insert the server part directly into the overview by reading facebook_uid sessions.
Facebook ? / PHP, ?