Are there any unique and unchanging tokens available to me from Facebook and Google?
Once I get the tokens and user information back from Oauth login, it is then up to me to search my database for a user with that email and create an account if it does not exist.
The problem is, even if the oauth token and therefore email is authentic, I still want to use a second token in the database query when I look up the users.
Do Google and Facebook have any unique ID fields that I can bundle with the email when I create users to aid in the security of my login process?
p.s. I am using Mean stack and passportjs if there are any known validation or token generation packages that might help me.
Thanks.