Alex G

@HarryR this is so cool! Please create a PR for the README, I'll merge it.

I already started doing it by subclassing FacebookAuthProvider and overriding authenticate() method, it seems to work :) But refactoring would be a more elegant way. Should I write a patch...

Ok. I'm going to store it in PostgreSQL.

btw, is it possible to make oauth completely stateless? one could store the secret UUIDs in the session with cryptography. I would strongly prefer this option than accessing the DB.

Let's do it. We can store only a strong hash of the state string in the cookie, it's almost as safe as holding it in secret on the server side....

But what is storeUserInCache() used for?

I see that, what I don't understand is why linking and merging must rely on cache rather than on UserService?

Github is used to make contribution PRs (and discussions about them) easier.

> Ну и главный вопрос - зачем все это? На каких размерах это эффективнее чем дерево с хорошим хэшом? Да, формулы сравнения констрейнтов важно дописать в комментариях.