I'm currently building a web service to allow a mobile app to log in to our app using Facebook. What is the best practice on implementing that feature?
My current flow is:
1st condition: User hasn't registered yet...
If not registered:
If already registered: - The server returns the token code, which is used for in-app activity
Do you think there will be a security issue there? I'm thinking if maybe someone knows you, knows your Facebook ID which can be fetched using the Graph tool, and possibly knows your email address, that person can log on to the app easily by sending all the data to the server.
ALSO, I'm thinking of implementing the same method with Twitter, but it seems that email cannot be retrieved using Twitter API. Any work-around on using Twitter API?
Thank you very much for your answer.
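The concern raised in the question, as an added example that is not part of the original post: the server never trusts the Facebook ID or email the client sends, it only takes the Facebook access token, and derives identity from what Facebook's `GET /debug_token` and `GET /me?fields=id,email` calls return (the HTTP calls themselves are assumed to be made with the app's own access token; only the response handling is shown, the sample responses, the app id and the account store are constructed for the example).

```python
import json
import secrets
import time

# Constructed sample responses, not real Facebook data. The field names
# (data.app_id, data.is_valid, data.user_id, data.expires_at) are those of
# Facebook's GET /debug_token endpoint; the values are made up.
OUR_APP_ID = "123456789012345"  # placeholder; use your own app id

DEBUG_TOKEN_OK = json.dumps({"data": {
    "app_id": OUR_APP_ID, "type": "USER", "is_valid": True,
    "expires_at": 4102444800, "scopes": ["email", "public_profile"],
    "user_id": "10000000000001"}})

# GET /me?fields=id,email response for the same token (constructed).
ME_OK = json.dumps({"id": "10000000000001", "email": "alice@example.com"})


def verified_facebook_user_id(debug_token_json, our_app_id, now=None):
    """Return the user id Facebook vouches for, or None if the token is
    invalid, expired, or was issued to a different app (a token from some
    other app must not log anyone in to ours)."""
    now = time.time() if now is None else now
    data = json.loads(debug_token_json).get("data", {})
    if not data.get("is_valid"):
        return None
    if str(data.get("app_id")) != str(our_app_id):
        return None
    if data.get("expires_at", 0) and data["expires_at"] <= now:  # 0 = never expires
        return None
    user_id = str(data.get("user_id", ""))
    return user_id or None


def login_with_facebook(debug_token_json, me_json, accounts, our_app_id=OUR_APP_ID):
    """Register-or-login keyed on the verified id. `accounts` maps
    Facebook user id -> account dict. Returns (account, session_token) or
    None. Nothing the client claims about its id or email is used."""
    fb_id = verified_facebook_user_id(debug_token_json, our_app_id)
    if fb_id is None:
        return None
    profile = json.loads(me_json)
    if str(profile.get("id")) != fb_id:  # /me must describe the same user
        return None
    account = accounts.get(fb_id)
    if account is None:  # first login: register with the email Facebook returned
        account = {"facebook_id": fb_id, "email": profile.get("email")}
        accounts[fb_id] = account
    return account, secrets.token_urlsafe(32)  # opaque app session token
```

The session token is only a random handle here; store it server-side with an expiry and look it up on each in-app request.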