MarkiyanMatsekh
commented
12 years ago - Get familiar with how it's implemented and how should we use it; whether it happens only on client side, or also on server side; here are some links: http://vk.com/developers.php?o=-1&p=Open+API http://developers.facebook.com/docs/guides/web/
- Make some small example of external authentication to demostrate how we will manage it. Your example should: a. Allow the user to authenticate via facebook or vkontakte(by clicking some buttons etc) a1. Doesn't matter if user currently has already session in some social web - dont log him in automatically a2. If user has valid session with one of the social webs and clicks to authenticate via one - try to avoid forcing him inputting his credentials - just use that session a3. If he doesn't have any session - let him input his credentials b. Show information retrieved by external system, like user ID, session token etc
- Get familiar with more advanced authentication techniques - whether there's available server-side validation of information, retreived from client(but don't implement this yet)