I’m starting a series of blogs about the creation of a social network – because I find developing one rather fun and figure many people would find reading about it, interesting. I hope so.
I’m creating a social network for my coupon website, InitialCoupons.com. Initial Coupons is a site I’ve run for a while now, it’s the successor of CPCoupon.com , a popular coupon website, among CafePress shoppers and shop keepers, for finding current coupon codes. Initial Coupons now amalgamates CPCoupon along with a ton of other online brands.
Initial Coupons pays its rent by advertising companies with affiliate programs, when somebody uses a coupon, the website earns a commission.
The main purpose for creating a social network is to give value to the user. My current strategy is to create a site that users will use and come back to. I’m not focussed on SEO – in fact, I’ve unoptimised the website and spent a good time making it a better user experience, and will continue to improve it. I’m also not focussed on monetizing it either. The long term goal is to create something of true value, that won’t be reliant on “search”.
So, that was the synopsis…
This blog has come about two weeks into the development of the social network, but I’ll start from the beginning, further blog posts will catch up.
Using OpenID for Login
I use RPXNow (or Janrain as it’s now called) to provide the login functionality of Initial Coupons’ social network.
Jainrain is really awesome. I use it on a number of my sites. They provide a widget that allows someone to login with their openid. They handle all of the api calls to the various providers, like Google and Facebook. Then all I do is write a script to handle the response.
The response is a unique id. The response doesn’t include a password, which is great for me and the user. They don’t have to remember yet another password and I don’t have the worry of storing it.
The unique id is stored in a database. When a user logs in for the first time, their account is created. When they come back all of the account info is pulled back out. It’s very simple. I’ve also structured my database so that, at a later date, I can introduce my own login in system, which will work seamlessly with this one.
If you’re creating your own login in system – here’s a top tip. Never store a user’s password in an unencrypted state. Always encrypt it using one-way encryption, such as MD5 SHA-1 or 2. Your login script should encrypt the password entry , then query your database for the user name and encrypted password. If there’s a match – let them in.
Always be dubious of a website that can remind you of your password via email. That’s a sure sign they’re using encryption. The right way is to ask the user to reset the password.
So, I’ve chosen to avoid all of that for now and use Janrain, which is really easy to implement. I highly recommend you check it out.
Next, we’ll get inside the social network and explore how I’ve developed things like “friending”, “commenting” and “liking”.
Edit: Thanks Mr Jaba for the SHA-1/2 advice. SHA is the secure way to handle hashing passwords.
