facebook login code

In facebook..when u enter correct email address but incorrect passwd..they send u an email with an Instant login button..user can login using that instant login link only once..How did they implement this ? Where can i find its code? I mean how do th开发者_JAVA技巧ey find out Instant Login link has been clicked only once ??

Any similar code over internet?

I would implement it as follows.

Create a table called "DirectLogin"

| GUID | UserID |

When the login attempt fails, create a new record in DirectLogin table.

Send the email with link

http://example.com/DirectLogin?g=aaaa-ssss-dddd-ffff-gggg&e=user@example.com

When the user clicks the link, check if the GUID and email address match the record in the table.

If it does, log them in and delete the record

They probably store a indicator in the database: (LoginAttempts).

The user clicks the link, it increments the flag.

If they click it again, it checks the flag.

ASP.NET Membership Provider does a similar thing.