1

I wonder what is the right technique to streamline the login to my site via Facebook.

Currently, I have a web site integrated with Facebook Login button. Right now, it's an independent web site, and not a "Facebook app" (running in the canvas). While this is not my decision, this could change in long term if matters.

The way the authentication work: the "fb-login-button" is redirected to my application URL using onlogin() event; the server side uses the cookie to retrieve the "access token" and perform further Graph API work. The business logic resides on the server side.

The current business requirement is the following: Suppose someone posts a link to my site, somewhere in Facebook, for example in our site community page: http://www.mysitedomain.com/offer1

A Facebook logged-in user clicking on the link - should get to the target page, after his Facebook identify got verified, and the result should be personalized for that user.

If a Facebook user already has an active session with my site - trivial.

Assuming a user had approved my site (app) in the past, but has no active session - here I am looking for the best practice to do the login.

Also, I would appreciate a hint how to handle the app authorization (i.e. showing the Facebook authorization dialog) in a most efficient way.

Thanks for any hint.

Improve this question
3
  • Hi Max - Does this page answer your question: developers.facebook.com/docs/howtos/login/getting-started/…
    – Vin St. John
    Dec 10, 2012 at 23:46
  • Thanks. FB.getLoginStatus() lets me know if my app is authorized - in JS code! Currently, all the URLs in my site being accessed without valid session - being redirected to a "Login page". Should I use the FB.getLoginStatus() in that "Login page", and if connected - redirect to the "Facebook login" URL to verify cookie? Anything can be done without reloading the page? (in terms of user experience). Also, anything can be done to improve the experience of 1st time users, clicking on a link? Thanks
    – Max
    Dec 11, 2012 at 20:48
  • I think @thomasbabuj has a more complete answer here so I am going to edit my link into his answer.
    – Vin St. John
    Dec 12, 2012 at 23:37

1 Answer 1

Reset to default
2

Check out FB Login Architecture and FB.getLoginStatus. Based on FB documentation, If you use javascript sdk, it only triggers a Popup on the same page and once authenticated it will go back to the same page. So once the login status is confirmed then you can get users information from graph api and update via AJAX on your page. You can also checkout this server side login. Hope this helps.

Improve this answer
2
  • Thanks. I understand the JavaScript SDK can do the server redirect (or AJAX-based server access), for a user being authenticated. However, first-time users will have to click "Login to Facebook" button. Server-side login also allows to load the page with "one click" (sijnce facebook.com/dialog/oauth?.. will do the redirect in this case), but it will show the facebook authorization form for the 1st time users. Is my understanding correct? Thanks.
    – Max
    Dec 12, 2012 at 19:55
  • Hi Max, yes the first time users even they already logged in facebook they still need to authorize your website ( by default you facebook shares public info to get more info you need to get relavent permission from the user ).
    – thomasbabuj
    Dec 13, 2012 at 4:15

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Not the answer you're looking for? Browse other questions tagged or ask your own question.