- User can login using his/her facebook account or native account at runaround
- For Facebook Connect authentication the session is managemed by Facebook and runaround make use of Facebook client APIs to get a handle on session
- For native account authentication (in the sample app) there is no server session, only a cookie based session is used.
We all know that Cookie based session is not secure and the demo app duly mentions it here
Since we are in learning mode and trying to port the PHP application to Google App Engine it may be simple to have similar functionality (even though it is not secure). But later we must do the right thing to have server based sessions.
0 comments:
Post a Comment