Facebook login is a pretty popular and easy to use method to identify your users without requiring them to create an account and remember a password. At first, building this into your app may be confusing. This blog will outline the steps and order of operations needed to incorporate Facebook login into your app.
Firstly, the process. If a user is not entering a username and password into your app then how do you verify their details? This is actually quite simple.
I wont go into code specifics for this, but somewhere on your client the user needs to login and verify with Facebook. Facebook offers great SDKs to do this for iOS and Android. In a nutshell you need the user to ‘allow’ your app to access their information, after which Facebook will provide your application with an “access token”. This access token is used for subsequent requests to Facebook in order to get information for that user.
Now the client has the access token. It needs to send this to your server where your database is hosted. Usually this is done with a web service request.
When the server gets the access token it needs to double check this with Facebook to make sure the user is who they say they are. When a valid access token is sent to Facebook, in return you will get some information about the user back such as their Facebook id, first name, last name, and any other information that was requested in your request permissions. Based on the Facebook id you should be able to identify which user it corresponds to in your own database.
Now that you have identified the user, you can return whatever is required to function back to the client.