Unauthorized requests will respond with the RedirectToAction() method and redirect it to Facebook's or Google's login method.
When the user gives permission to an app in the Facebook or Google authorization server (Login page), it carries a token to our app, and we insists that it identifies an individual.