You can verify account ownership in a way implemented by https://chessteams.info (just try to register and you will understand, how it works).
OAuth2.0 Impementation
Sort:
Sep 14, 2020
0
#3
If I understand correctly how it works:
the chessteams.info is only a proxy to the initial chess.com database.
the user should gives his username and password to a third part. In this case to (https://chessteams.info/) and I think they make a query to the chess.com api in the background. This is not secure for the user because the chessteam.info get basically your username and password.
No, you didn't get it right. You create new password for ChessTeams and prove that account belongs to you temporary putting randomly generated key instead of the name of your city.
is there an OAuth2.0 implementation, so that the users can authentificate themselfs in my platform using there chess.com credenticals?
My Idea is to link a chess.com account to a user account in my platform, but there is no way to now if the chess.com account belongs really to that user. I think an OAuth mechanism could be a create great why to do that.
this there a why to do this?