I want to implement multiple auth providers (like stackoverflow). I have downloaded the dotnetauth library. However, I have one generic question about the overall architecture of my web application. What's the best way to determine which auth provider (fb, twitter, openid) a user has chosen so that I can make a request to that provider? Maybe I can set a cookie the first time that user logs in with his chosen provider?
I have been considering this question for a while and this is my conclusion:
- On your login screen, have a bunch of icons pointing to different auth providers - you'll probably also need a username, password option for people who are facebook, twitter, google - phobic
- Set a cookie based on the last auth provider the user used
- When the user hits your site - read the cookie and then go directly to that auth provider to authenticate (the advantage of that is that if the user is for example a regular facebook user, and they are already authenticated on facebook, facebook will immediately return the auth credentials and they are straight into your system, seamlessly)
- Give them an option in your app somewhere to set a default auth provider (or no auth provider - i.e. just go to your standard login screen each time)
I have started implementing this, and so far so good.