Im using Hybridauth so people can signup on my site using either Facebook or Twitter. I think I have most of it down:
- They go to my login page and click the Facebook Sign In button
- If they havent singed up yet it redirects them to Facebook asking for permission
- If they say yes, it will take them back to my callback URL
- What do I do here? What do I look for? Do I look for a GET variable like state? If its present then proceed to the next step?
- Grab the access token given to me from facebook app
- Create a new account in my DB and assign the access token to that account
- Log them into the system
- If they come back to log in again, they click the FB button to login, it checks to see if there is a access token already with permission, if so, I then search my DB for the account with that accesstoken. If found, I can then log them into the system
I mean thats pretty much it right? So anyone can help me with step 4? What do I look for so my code knows they want to create an account with their facebook accesstoken?