Forums

Login with Chess.com

Sort:
Oldest
waltertamboer
waltertamboer
Nov 10, 2017
0
#1

I would love to create a button "Continue using Chess.com" on my website (similar as Facebook has). Would this be possible?

If you need advice on how to implement this, I'm more than happy to help.

Dale00007
Dale00007
Show your flair!
Nov 10, 2017
0
#2

This looks interesting. I am not sure if I am going to use this, but I see at least one use case for my tool. Club admin can send message automatically to multiple users under his profile once logged to my app through your oauth token - ie to infor all players playing specific match or recruit more players to some match. Posting of messages would need to be somehow limited to avoid spam so it requires some analysis. But Oauth can support this. Other thing can be POST messages to update club members.

So I am for implementing it (but please first I really need club matches resources :-) )

erik
erik
Staff
Nov 10, 2017
0
#3

I'd love to hear more about how you would use this! To link accounts, etc? Tell me more!

waltertamboer
waltertamboer
Nov 11, 2017
0
#4

@erik Some use cases:

1. Simplify access to a chess related website. Login with Chess.com would give a user access with a press on a button instead of creating a new user account at website number 89236487324.

2. Validate the user is actually who he says he is. By authenticating via OAuth, a website owner can be certain the user is actually who he says he is. Instead of letting a user enter a username which is error prone. For example, on the note board you mentioned me as "walter" while my username is actually "waltertamboer", such a mistake is easily made happy.png

 

Not entirely sure what you mean with linking accounts but if you mean storage in an external database, there are several options:

- Store the access token, your API is already public so no need for this.

- Store the unique identifier of the user (e.g. username or id), for a "login with chess.com" this is sufficient. Once the user logged in via OAuth, one would make an API call to get the current OAuth resource. Its response would contain the unique identifier. Via that response the website would know which internal user account is trying to login (since they are linked to each other).

The above means you would need to implement a new API entry point: The oauth resource

Dale00007
Dale00007
Show your flair!
Nov 12, 2017
0
#5

In my use case, it would be needed to store access/refresh tokens.

But it would require having unpublic resources for ie posting of messages or sending invites.

And frankly, say - I would need some more experienced developer to join and help me with building the tool.

waltertamboer
waltertamboer
Nov 12, 2017
0
#6

@Dale00007 - If you need tips, tricks or need coaching, shout out on Twitter and I'll respond once I get the chance happy.png @waltertamboer

waltertamboer
waltertamboer
Nov 23, 2017
0
#7

@erik What do you think? Do you like the idea?

erik
erik
Staff
Nov 23, 2017
0
#8

It's interesting. We probably are not close to this yet, but I get it!

elmsakni
elmsakni
Show your flair!
Sep 14, 2020
0
#9

Hello,

it there an implementation of this feature? I need it for my small project :-)