• Newly sign up accounts to the website require the user to fill in their information need a lot of time
– There is a lot of information that needs the user to fill up when they sign up. This is such a very wasting time action.
• The user need to remember another complexity password for the website
– When the user wants to sign up for the website, they are required to create a password. But, normally the website will limit the user password such as they need to have a certain length of characters.
– Sample validation for the password created when the new user sign up
Figure 1 Sample pasword validation
• The user often forgets which email that they have used to sign up
– The user may have few account email address due to they often forget their previous account email or password. Once they have forgotten, they will sign up again for the new email address, so they will have a lot of emails and when they sign in they need to think about what email they have used to sign up for this website.
• Have to go through email to verify the account
– When user sign up using their own email, once they typo or else they will not receive the email in their mailbox. Therefore, they need to re-enter all their information again to get the verification email again. It is too complicated for those all the computer idiot.
• Consider this old technique not good enough is because:
– Old technique is user manually fill in their information and the system can’t automatically fill in the information get through Facebook.
– However, if the form is too long and complicated, the user excitement will decrease gradually due to the form that they need to fill in is too much. Some of them will lose their patience and finally they decide to use the visitor identity to access the website.
– Some people don’t want everything automatically showing up on their social media account. In the case of Facebook, they can change the setting which “Posts on your behalf” to “Only Me”, so if there is something posted by the app, nobody will actually saw it.
• Understanding what happen when we log into a site with social media:
– Log in to another site with social media account not only convenient, but it’s also more secure than creating a new account in a third-party site. The user acount will safer by using the third party to authenticate the accounts. By using these ways, the user can skip the step which forcing the user to create a new username and password.
– This way is more simple for the user which is they no need more thinking, no more password leaks, no more hackings and also sign-in and login are in the same flow.
– Besides, the developer is more relying on third-party authentication because it’s more simple. They no need to check whether the email is taken, the username has been used and also the password that the user enter does them follow the validator or not. If the website has the username and password login scheme, then they must have a “forget password” flow.
• To simplify the login function
– Provide end user a different sign up ways which means that when the user wants to sign up for a new account, the webpage will ask for the user permission whether they want automatically get their information from Facebook accounts or not because some user wants to fill in the information themselves manually because they feel that it is not very secure.?
Sometimes, we want the users to login to the website using their existing third-party applications such as Facebook, Twitter, Google and etc into our website. We are going to look into authentication of ASP.NET Core app using a Facebook account.
• Create ASP.NET Core Web Application on Visual Studio 2017
Figure 2 Create a new ASP.NET Web Application
Before running the application, open the Package Manager Console and put in “Update-Database” command.
Figure 3 Insert the command
• Create Facebook App
First of all, you need to navigate to the Facebook developers page and sign in to your Facebook account. Type in your app display name and also the contact email.
Figure 4 Create new Facebook App ID
Once you have successfully created the new app ID, the webpage will redirect to the dashboard of the application shown below. Click on the “Set Up” button on the Facebook Login.
Figure 5 Facebook Login Product
Click on the “Settings” wizard on the navigation menu on the left.
Figure 6 Products Navigation
Copy the base URL from the application and paste it for redirect purpose and save it.
Figure 7 Facebook App URL
Next, copy the app ID and app secret.
Figure 8 Facebook App ID and App Secret
Paste it on secrets.json file with the following code.
Figure 9 Secrets.json file
After that, open Startup.cs file and put the following code into ConfigureServices method.
Figure 10 Insert Facebook Login method coding in Startup.cs file
Now, your appliation is ready. You can try launch the program and login with Facebook.
Figure 11 Launch the program
• Faster registration process
– By using this method, the user can save a lot of time, only need the user login to their Facebook account and the information will automatically get by the website. If user updates their Facebook profile, the database of the website will update also. It is easy and fast to manage it. The user also can revoke the access to the website any time.
• Login get user information
– The website will not even get the user password from their social media account but sometime they will access automatically to their contact list which synchronizes with their social media account and they have the ability to post something on their wall.
Social media can give you additional information about user, such as location, birthday, interests, and etc. We can target personalized content to the user by having all these date.
• Login account less to remember
– People nowadays need to remember lots of account username and password due to they have used how many social media. It is difficult for them that who need to remember the multiple accounts. Once they forget their username or password, they will keep trying to log in and more than a login limit times, the account will finally lock by the social provider.
• Eliminate login failed probability
– By using this way, the user can speed up their user login process due to no need to remember so much different username and password, because sometimes when you create the new account, they need the username to be unique and password sometimes needs to contain 1-2 alphabet or 1-2 numbering. By using these login ways, your email is already yours and can’t be taken by other therefore it can easily for you to remember.
• User email is verifid.
– By using social media logins, it can reduce the number of incorrect email addresses that key in manually by the user. When we create a new account using the email address, we will be asked to verify the account by login to the email to verify it. Sometimes the user will accidentally key in the wrong email, and they will not receive the email, therefore, they need to re-enter their all information again to sign up. Through this ways, the user can reduce the number of incorrect email addresses that key in manually and also save the time. The purpose is only to make sure that you are the real person or not.
• Lack of trust with the user.
– People today not fully trust to the social media that need their personal data. Most of the people received the scam messages by telling them that the lucky draw that they join have won the grand prizes and if they want to redeem it, they must provide their bank details before it and or given them a fake link which wants them to click inside to fill in the real information. When people hear this news, they are sure to be pleasantly surprised and give their personal information without hesitation. They often use this tricks to get the user attention. Finally, people will not only loss their money, and also loss their mental health and more.
– The hacker often used a method which is called phishing by sending the suspicious messages, notifications or emails to the user. Contents of the emails were asking for the user login with their own data and to check for the latest news. When we open the website with the link they given in the email, it seems like original Facebook but it is full of the trap, and the user also didn’t even know that the hackers are stealing their personal account details. In this way, the scammers are trapping thousands of people on Facebook.
• Data privacy issue
– Nowadays people like to use their nickname or false information to sign up for the account and they try to post their own photos on social networking sites as little as possible to reduce scam, through this method, we can prevent that others use our private information or photo to create the new account to meet for other people.
– Moreover, when we connect to the games on social media, normally it needs to permit the application with our profile information, we will not pay so much attention for allowing them to manage our private information and to use our own data with the third party.
– If one of their social identity provider such as Facebook had been hacked, all of their accounts that they use to log in are affected too. Even your Facebook account is private, they also will have the trick to get your account information. So, the best way that can prevent this happen is only to add the friends that we know.
• Not everything is simplified
– Other than the username and the password, such as the user still need to fill in the information such as payment details manually.
• Create a recommended function
– Although this system is to let the user can shorten their login step by using social media to log in, the webpage still has a scarcity which is needed a function that can be recommended the user who also logs in by connecting to the Facebook and let the user follow them.
– Implement this system in order to let the user shorten their sign up time. However, this system also didn’t have too much choice to let the user choose to login such as Instagram, Twitter.
• Create a chatroom
– Through this way, the system also can create a chatroom which is to let the user can contact the user which they follow and ask them about the question they don’t understand.
• Create a like button
– The learner can like the post that posted by the teacher.