Best practice for developing site with openId - user table?

Question

I'm quite new to OpenId and I'm having a bit of a problem understanding how to use the OpenId once the authentication is complete.

I'm creating a new site, and I've had no problem in getting the openId authentication working. But I'm not sure how I should store user related data once the user is logged in.

Before openId, I would have my own registration process, a UserTable with a unique UserId (integer), and all other tables involving data related to some user activitiy would just have a UserId column identifying the user.

Should I now use the OpenId id in my tables? Should I create a really simple OpenId->UserId table that every login is mapped to and have data stored as previously? And what happens when a user want to use different OpenId providers?

Answer 1

The Yahoo OpenID FAQ, http://developer.yahoo.com/openid/faq.html, has a great link to a recipe created by Joseph Smarr at Plaxo that details an adding OpenID to a web site that already has users, include DB table structure:

http://www.plaxo.com/api/openid_recipe

This is a step-by-step tutorial guide for implementing OpenID consumer-side support with a web site that already has users with accounts. It will explain how to easily let new users sign up for an account on your site using their OpenID URL and how to let existing users attach their OpenID(s) so they can sign in using them.

Answer 2

I use two tables at my site:

1) Users - storing the user profile information

2) Credentials - storing user login information. Credentials may be different: {email, password/hash}, openID, etc.

Answer 3

I'd suggest that you have user id to OpenID mapping, just because it would make sense to have it one-to-many — it is a good practice to allow people have more than one OpenID identity bound to the account.