Waa Maxay OAuth
OAuth waa nidaam oggolaansho (authorization) oo u oggolaanaya app ama adeeg inuu helo xogtaada adigoon siin password-kaaga. Waa sababta aad marar badan u aragto batoonka leh: “Continue with Google” ama “Login with Facebook.”
OAuth waa nidaam oggolaansho (authorization) oo u oggolaanaya app ama adeeg inuu helo xogtaada adigoon siin password-kaaga. Waa sababta aad marar badan u aragto batoonka leh: “Continue with Google” ama “Login with Facebook.” App-ku ma oga password-kaaga, balse wuxuu helayaa oggolaansho xaddidan oo aad adigu siisay.
Si fudud, OAuth wuxuu xalliyaa su’aashan: “Sidee app kale u heli karaa xogtayda anigoon u sheegin sirteyda?”
Tusaale: Qiyaas inaad qof siiso fure kuu oggolaanaya inuu qol gaar ah oo gurigaaga ka mid ah galo, adigoon siin furaha guud ee guriga oo dhan. Taasi waa OAuth. Waxaad siisay oggolaansho xaddidan, waqti xaddidan, iyo awood xaddidan.
Marka OAuth la adeegsanayo, waxaa jira saddex dhinac oo wada shaqeeya:
Isticmaalaha (User-ka/Adiga) App-ka raba xogta Adeegga haysta xogta (Google, Facebook, GitHub, iwm)
Habka uu u shaqeeyo waa sidan: isticmaalaha ayaa oggolaada in app-ku helo xog gaar ah. Adeegga weyn (tusaale Google) wuxuu app-ka siinayaa access token. Token-kaas ayuu app-ku ku gelayaa xogta la oggolaaday, isaga oo aan hayn password. Haddii oggolaanshaha la joojiyo, token-kuna wuu joogsan.
OAuth waxaa badanaa lagu adeegsadaa:
– Login with Google / GitHub / Facebook – Apps-ka mobile-ka iyo web-ka – APIs-ka waaweyn – SaaS platforms – Nidaamyada u baahan amni (security) sare
Waxaa muhiim ah in la fahmo in OAuth uusan ahayn xaqiijin aqoonsi (authentication) oo toos ah, balse uu yahay oggolaansho (authorization). Taasi micnaheedu waa: OAuth wuxuu qeexayaa waxa aad sameyn karto, halka JWT ama password-kuna ay sheegayaan cidda aad tahay. Inta badan labadooda waa la isku daraa si loo helo nidaam amni oo dhammaystiran.
Sababta OAuth uu muhiim u yahay waa: – Wuxuu yareeyaa khatarta password-yada la xado – Wuxuu kordhiyaa kalsoonida isticmaalaha – Wuxuu fududeeyaa ku biirista (onboarding) apps-ka cusub – Waa halbeeg (standard) caalami ah oo la isku halleeyo
OAuth waa laf-dhabarta apps-ka casriga ah. Waa sababta aad maanta hal "click" ugu geli karto adeegyo badan adigoon mar walba is-diiwaangelin cusub sameyn. Haddii aad rabto inaad dhisto apps ammaan ah oo heer caalami ah, fahamka OAuth waa lama huraan.
