-2
It is common for a user to "enter" into current systems using an account already registered on another network. The most common ones I see are facebook, google and etc..
The processo is simple and can be demonstrated as follows:
In that momento we may take some information from this user, such as login, email, tokens, id and other information provided in this integration. From there we can persist the data in our database, but even so we would be dependent on a password registration for the user to access the system without the integration of social networks.
When we solve the password problem in any way whatsoever, we can give rise to another problem because the user will have an access, but with information that can be removed from the system by the user. For let us suppose that:
When the user wants desvincular your network information used to log into the system. What would be the best approach to doing this? What care we should take, and what peculiarities to take care of when doing this?
Briefly my question would be: Given the many needs in integrating the access of users using social networks, which care should be taken when the user wants to unlink their information obtained on social networks of the system that deployed them.
Usually you retain the email, so the most likely approach is to keep everything, but only turn off the social network part by the token, the password keeps working, the email also and the username too, only you can no longer log in via social network. I did not deny, just to warn, but the question seems to me off-topic, a good place to ask would be the chat https://chatstack.exchange.com/rooms/11910/stackoverflow, but anyway I advanced what I understood and what seems reasonable, remembering if you choose only the token (no password) the person could return the link.
– Guilherme Nascimento