using the FB PHP SDK... what is the equivalent method of the FB JS SDK method:
fb.getLoginStatus
I'm looking for something like:
$facebook->getLoginStatus()
I haven't been able to find it after looking through the entire FB PHP Class. I basically want to determine if a user is logged in FB AND authorized the app. Fairly basic but please help!
$fbUser=null;
$FB=new Facebook(array('appId'=>$fbAppID,'secret'=>$fbAppSecret));
if($FB&&($fbUser=$FB->getUser())){
try {
$fbProfile=$FB->api('/me');
} catch (FacebookApiException $e){$fbUser=null};
}
$fbLoggedIn=!is_null($fbUser);
This code will work only if you user is already logged in the app.
But fb.getLoginStatus will tells us whether user is logged in on the facebook, it did not return the login status of our app.
Related
At Forge.Facebook module doc I can only see authorize, logout, api and ui function avaible from FB SDK. But it's et posible to get login status, like SDK's getLoginStatus, some how?
Just call forge.facebook.authorize and if the user has already logged in it won't open up the modal dialog again.
Since v1.4.6 we also return the access_token.
Is there anything else that getLoginStatus gives you that you'd need through us?
Update: you can now also check whether a user is logged in without showing any prompt using our forge.facebook.hasAuthorized method.
I'm developing using the Facebook PHP SDK.
I wanted to make it so that when the user logs out of Facebook, they will automatically be logged out of my website too.
I am using the following code to detect the session, using the session cookie:
$facebook->getUser();
For some reason, the getUser() function still returns the user's Facebook ID, even after they have logged out of Facebook on their website.
Am I to detect the session first using another Function?
On the official documentation example here, is the following excerpt from their comments:
// Get User ID
$user = $facebook->getUser();
// We may or may not have this data based on whether the user is logged in.
//
// If we have a $user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
This lead me to believe that the session cookie for Facebook would become unset upon Facebook logout?
Kind Regards,
Luke
I have the same issue!
The FB PHP SDK saves those things into the $_SESSION!
You can delete them like this when your user clicks logout:
$_SESSION['fb_'.APP_ID.'_user_id'] = '';
$_SESSION['fb_'.APP_ID.'_access_token'] = '';
Although this is not the final solution, it works for now.
I appreciate comments and solutions on that!
I want to give an alternative, in a way you don't have to handle session stuff. Although, I must warn you this is slower than cleaning up the session, because it relies on a new request. What we're doing in the code below is to check on Facebook if the token is still valid. Here it's:
try {
$facebook->api('/me','GET');
$logged = true;
} catch(FacebookApiException $e) {
$logged = false;
}
In my case, I was doing everything using the JavaScript SDK, so I couldn't clean session on logout. But in my landing page, I was needing a work around to check it before send the response back.
If you're facing something like this, definitely a good solution.
The problem seems to be in php-sdk in basefacebook.php at line 567
protected function getSignedRequestCookieName() {
return 'fbsr'.$this->getAppId();}
This method returns the name of the cookie the sdk is looking for. However, javascript-sdk uses 'fbs_' prefix. Change this to 'fbs_' and it works fine.
return 'fbs'.$this->getAppId();}
$facebook->destroySession();
To destroy the session you can also use:
$facebook->destroySession();
I have integrated the facebook in to my application, From the FB i will be getting the userid and the name of the user and passing it to my own service that will do the validation and allows the respective user to get in to the system. I have got the userid and username from the FB and passed it my service that will do the validation,it allows the user to enter in to app, but my problem is once i logged in , how can i log out from the FB ?
Please let me know your ideas.
Thanks
If you are using the new facebook sdk, then us
[facebook logout:delegate]
Being facebook your Facebook object,and delegate an FBSessionDelegate.
If all goes well your delegate will be called on -(void)fbDidLogout;
That depends on which library you use to connect to facebook.
But I guess that you have a FBSession class that has a logout method...
That logout method also calls deleteFacebookCookies that you could also directly call depending on your needs...
Hope that helps.
If you are using old facebook sdk,then use this code for logout.make FBSession class object and code like this. [FBSessionclassobject logout];
it will delete all FacebookCookies.
I used the old rest api for showing the Permission Dialog in Facebook before.
Now, with the new graph API, what can I do? (I'm in IFrame Apps).
I know that I can cheat and popup the permission in a seperate window:
FB.login(function(response) {
if (response.session) {
if (response.perms) {
// user is logged in and granted some permissions.
// perms is a comma separated list of granted permissions
} else {
// user is logged in, but did not grant any permissions
}
} else {
// user is not logged in
}
}, {perms:'offline_access'});
like that.. call the FB.login again (let say I want people to click on a different button and trigger the extended permisison dialog)
However,it looks ugly,and it doesn't look like a dialog.
Is there a way to generate the dialog? I try to figure out whether FB.ui can help but there is only little information about that.
In addition, I don't think the 'response' callback ever execute. Neither I click "Don't allow" or "allow", won't trigger any call back. any idea?
hihih..anyone can help me?
Finally. find out the solution from another website.
first. after FB.init( ... ); do that:
FB.provide("UIServer.Methods",
{ 'permissions.request' : { size : {width: 575, height: 300},
url: 'connect/uiserver.php',
transform : FB.UIServer.genericTransform }
} );
Then, whenever you need to call the permssion dialog, do that:
FB.ui({method: "permissions.request", "perms": 'email,offline_access'},
callBack);
It took me so long to figure out by looking at the FB object and find out there is UIServer with permissions.request then from that, I keep searching and find this solution. and FB.ui talks nothing about it.. and FB.provide is not documented. THANKS facebook.
You don't need to use javascript or any SDK for this although it would make it easier. You need only to redirect the user to a url like this:
https://graph.facebook.com/oauth/authorize?
client_id=...&
redirect_uri=http://www.example.com/callback&
scope=user_photos,user_videos,publish_stream
You should always redirect the user to the top window either with javascript or the link.
window.top.location = <login_url> or Login
If you are using the PHP SDK or the C# SDK you could have the sdk generate the url for you, but the process is the same.
Also, not that the redirect_uri has to be on the same domain as your iFrame application's url. This will cause Facebook to redirect your user outside of Facebook to your website, you then should redirect the user back to the app inside of facebook. For example:
User clicks login
user goes to Facebook login page
User clicks allow
Facebook redirects the user to http://www.example.com/callback
Your app redirects the user to http://apps.facebook.com/myapp/loggedin
One of the answers suggests a hack in which you call FB.provide() and then FB.ui() to pop up the extended permissions dialog. That solution doesn't work for me, but there is a documented solution now that does. Just call FB.login() to get the permissions you need.
FB.login(function(response){
if (response.authResponse) {
alert('success!');
} else {
alert('fail!');
}
},{scope: 'email'});
Even better, you can ask for extended permissions with the login button.
I have an application that integrates with Facebook using Oauth 2.
I can authorize with FB and query their REST and Graph APIs perfectly well, but when I authorize an active browser session is created with FB. I can then log-out of my application just fine, but the session with FB persists, so if anyone else uses the browser they will see the previous users FB account (unless the previous user manually logs out of FB also).
The steps I take to authorize are:
Call [LINK: graph.facebook.com/oauth/authorize?client_id...]
This step opens a Facebook login/connect window if the user's browser doesn't already have an active FB session. Once they log-in to facebook they redirect to my site with a code I can exchange for an oauth token.
Call [LINK: graph.facebook.com/oauth/access_token?client_id..] with the code from (1)
Now I have an Oauth Token, and the user's browser is logged into my site, and into FB.
I call a bunch of APIs to do stuff: i.e. [LINK: graph.facebook.com/me?access_token=..]
Lets say my user wants to log out of my site. The FB terms and conditions demand that I perform Single Sign Off, so when the user logs out of my site, they also are logged out of Facebook. There are arguments that this is a bit daft, but I'm happy to comply if there is any way of actually achieving that.
I have seen suggestions that:
A. I use the Javascript API to logout: FB.Connect.logout(). Well I tried using that, but it didn't work, and I'm not sure exactly how it could, as I don't use the Javascript API in any way on my site. The session isn't maintained or created by the Javascript API so I'm not sure how it's supposed to expire it either.
B. Use [LINK: facebook.com/logout.php]. This was suggested by an admin in the Facebook forums some time ago. The example given related to the old way of getting FB sessions (non-oauth) so I don't think I can apply it in my case.
C. Use the old REST api expireSession or revokeAuthorization. I tried both of these and while they do expire the Oauth token they don't invalidate the session that the browser is currently using so it has no effect, the user is not logged out of Facebook.
I'm really at a bit of a loose end, the Facebook documentation is patchy, ambiguous and pretty poor. The support on the forums is non-existant, at the moment I can't even log in to the facebook forum, and aside from that, their own FB Connect integration doesn't even work on the forum itself. Doesn't inspire much confidence.
Ta for any help you can offer.
Derek
ps. Had to change HTTPS to LINK, not enough karma to post links which is probably fair enough.
I was having the same problem. I also login using oauth (I am using RubyOnRails), but for logout, I do it with JavaScript using a link like this:
Logout
This first calls the onclick function and performs a logout on facebook, and then the normal /logout function of my site is called.
Though I would prefer a serverside solution as well, but at least it does what I want, it logs me out on both sites.
I am also quite new to the Facebook integration stuff and played around the first time with it, but my general feeling is that the documentation is pretty spread all over the place with lots of outdated stuff.
This works as of now - and is documented on facebook's site # http://developers.facebook.com/docs/authentication/. Not sure how recently it was added to the documentation, pretty sure it wasn't there when I checked Feb-2012
You can programmatically log the user our of Facebook by redirecting
the user to
https://www.facebook.com/logout.php?next=YOUR_REDIRECT_URL&access_token=USER_ACCESS_TOKEN
This solution no longer works with FaceBook's current API (seems it was unintended to begin with)
http://m.facebook.com/logout.php?confirm=1&next=http://yoursitename.com;
Try to give this link on you signout link or button where "yoursitename.com"
is where u want to redirect back after signout may be ur home page.
It works..
I can programmatically log user out Facebook by redirecting user to
https://www.facebook.com/logout.php?next=YOUR_REDIRECT_URL&access_token=USER_ACCESS_TOKEN
The URL supplied in the next parameter must be a URL with the same base domain as your application as defined in your app's settings.
More details: https://developers.facebook.com/docs/authentication
You can do this with the access_token:
$access_array = split("\|", $access_token);
$session_key = $access_array[1];
You can use that $session key in the PHP SDK to generate a functional logout URL.
$logoutUrl = $facebook->getLogoutUrl(array('next' => $logoutUrl, 'session_key' => $session_key));
This ends the browser's facebook session.
With PHP I'm doing:
logout.
if(isset($_GET['action']) && $_GET['action'] === 'logout'){
$facebook->destroySession();
header(WHERE YOU WANT TO REDIRECT TO);
exit();
}
Works and is nice and easy am just trying to find a logout button graphic now!
Here's an alternative to the accepted answer that works in the current (2.12) version of the API.
Logout
<script>
FB.init({
appId: '{your-app-id}',
cookie: true,
xfbml: true,
version: 'v2.12'
});
function logoutFromFacebookAndRedirect(redirectUrl) {
FB.getLoginStatus(function (response) {
if (response.status == 'connected')
FB.logout(function (response) {
window.location.href = redirectUrl;
});
else
window.location.href = redirectUrl;
});
}
</script>
the mobile solution suggested by Sumit works perfectly for AS3 Air:
html.location = "http://m.facebook.com/logout.php?confirm=1&next=http://yoursitename.com"
For Python developers that want to log user out straight from the backend
At the moment I'm writing this, the trick with m.facebook.com no longer works (at least for me) and user is redirected to the mobile FB login page which obviously is not good for UX.
Fortunately, FB PHP SDK has a semi-documented solution (in case the link doesn't lead to getLogoutUrl() function, just search look for it on that page). This is also mentioned in at least one other on StackOverflow: Facebook php SDK getLogoutUrl() problem.
BTW I've just noticed that Zach Greenberg got it right in this question, but I'm adding my answer as a summary for Python developers.
A note for Christoph's answer:
Facebook Oauth Logout
The logout function requires a callback function to be specified and will fail without
it, at least on Firefox. Chrome works without the callback.
FB.logout(function(response) {});
#Christoph: just adding someting . i dont think so this is a correct way.to logout at both places at the same time.(Logout).
Just add id to the anchor tag . <a id='fbLogOut' href="/logout" onclick="FB.logout();">Logout</a>
$(document).ready(function(){
$('#fbLogOut').click(function(e){
e.preventDefault();
FB.logout(function(response) {
// user is now logged out
var url = $(this).attr('href');
window.location= url;
});
});});
Update: This solution works and just a call to 'FB.logout()' doesn't work because browser wants a user interaction to actually call this function, so that it knows - it is a user not a script.
Logout
it's simple just type : $facebook->setSession(null); for logout