When implementing a login feature (i.e. usernames/passwords, and a “logged in” vs “not logged in” status), we have two choices:
- Roll our own authentication, storing the usernames/passwords ourselves.
- Delegate that to some other identify provider.
The second choice is almost always preferable. Maintaining a database of usernames/passwords is an invitation to be hacked. And, even if your webapp is nothing special, people have a bad habit of reusing passwords across many different websites.
A common way of delegating authentication is via a protocol called OAuth.
This is the protocol that allows the “login with Facebook”, “login with Google”, etc. functionality you see on many websites.