I have used Facebook Connect to Login in my site and Currently I m not logged in and my Facebook account is logged in another tab so when I goes to our site I dont get the Facebook Session i.e. when I print $facebook->getUser() I got 0.
SO can anyone please help me put what I can do for it.
I always get the active access token error
When you have not logged in your application the application will return 0 with
$facebook->getUser()
this is because user has not logged in the application, to get the user you have to either redirect user to login URL or ask user to login by clicking on url provided by:-
$facebook->getLoginUrl()
Related
I am using Facebook login with the Facebook javascript sdk. I have implemented all the login flow. I want to know what I should to do to start a session on my application. From Facebook docs https://developers.facebook.com/docs/facebook-login/login-flow-for-web:
Once your app knows the login status of the person using it, it can do one of the following:
If the person is logged into Facebook and your app, redirect them to
your app's logged in experience.
If the person is logged into Facebook but not your app, prompt them with the Login dialog.
If the person is not logged into Facebook, prompt them with the Login dialog.
I want to work on the first one: redirect them to my app's logged in experience. But I do not know how to recognize the user and start the new session on the server so that he can access personal data. I thought a possible solution might be to send the accessToken received on the client to my server, then ask to Facebook's servers if that is a valid token, if so then start a new session for the recognized user, otherwise ignore the request. Is that a correct flow?
how can i login my website using facebook credentials that too seamlessly , when i'm already logged in my facebook account in the same session or in another session. For example i'm logged in my fb and when i open website named rottentomatoes.com in the same session or in another session , i can get automatically logged in , without doing anything , as that site use my fb account and automatically get a registered memeber of that site.
i wanna do this things in my website , like things happening with rotten tomatoes.
so far i can use fb account to login in my website using facebook connect .
please help me ....any suggestion will be welcomed.
You need to have a facebook app, then in your site use the facebook js sdk.
You always have different sessions per site, you'll need to make a session for yours, you don't use the facebook session, just the sdk.
When the user loads your page you can use the FB.getLoginStatus to check if the user is logged into facebook and is authenticated with your app, if so then you get the needed user data and can then log the user into your site.
If the user is not logged into facebook, or hasn't authorized your app then you can use the FB.login method to log the user in, when the user comes back from that process you should have the data you need in order to register/log him into your site.
I have created a facebook connect login script in addition to the custom login script my site uses, which records FB user id and stores in my DB. It uses facebbok.php scripts provided by facebook and JS based popup login dialog (oauth).
I just authenticate user from FB account and do my own cookie based login on the basis of matched fb user id.
Now the problem is I can get logout url from php using getLogoutUrl() but how to logout silently without changing url in address bar using my logout.php? I tried destroySession() but it didnt logout fb user.
If user dont logout using getLogoutUrl() then next time when some other loggedin FB user tries to use fbconnect login the FB dialog box gives error "An error occurred. Please try later". Then I have go back to IE and logout that FB user from there and it works.
You can't "silently" logout a user using Facebook API. What you can do is test if the user is logged using getLoginStatus
If a user follows a link to my Facebook application (apps.facebook.com/instantinternetstar) and they are not currently logged into Facebook they are allowed to enter the Application instead of being prompted to 1st log into Facebook and 2nd grant permissions via Auth Dialog.
If a User is logged into Facebook, the new Enhanced Auth Dialog works perfectly and always.
Is there a variable I have missed?
Your settings may be fine. What you can do on the default page of http://instantinternetstar.com is to query the http post parameter called signed_request, decode it and it will tell you if the user is authenticated or not. Then you can display something to them so they know what you're about, before they take their time to login to Facebook, then accept your app.
I'm using https://graph.facebook.com/oauth/authorize?client_id and when the user logs in and accepts the app it goes on to the next page and then finally logs him out using his access token.
My problem is when the user signs in and denies the app. How do you log him out if the access token was never returned?
I've tried the javascript but no luck with that.
Thanks.
You can't force user to logout when they didn't allow you to do so.
Facebook will redirect any user denying the app back to your login url with an error specified:
If the user presses Don't Allow, your app is not authorized. The OAuth
Dialog will redirect (via HTTP 302) the user's browser to the URL you
passed in the redirect_uri parameter with the following error
information:
http://YOUR_URL?error_reason=user_denied&
error=access_denied&error_description=The+user+denied+your+request.
http://developers.facebook.com/docs/authentication