Facebook离线访问密钥和登录

Question

I've been working on this for a while now and I can't seem to get it to work. It seems to be a frequently asked, but a rarely well-answered question.

I want my website's users to link their facebook account with my website. So they can see their stream etc on my site.

At the moment, each time they log into my site they have to connect with facebook again. I want to have the option for users to give me offline_access to their data, so they don't have to re-login to facebook/re-connect with my site each time they come to my site. As its kind of the point of my site in general.

To do this I understand I need to get offline access. ( https://developers.facebook.com/docs/authentication/ ) Though from my searching it seems to be a bit light on documentation ( Facebook offline access step-by-step ).

I already know how to ask for offline access I'm just unsure of how to get the data from it.

So my questions are as follows;

1. How do I get the new infinate Session key after I request it?
2. Once I have it and store it in the database - How do I create a facebook user with it instead of just going through the normal limited access key?

Just for further info. I'm using PHP ( codeigniter ) with Eliot Haughin's Facebook connect library Though if you can give me code using the regular php library I'll just convert it

Thanks very much

Answer 1

Right. After some more searching and poking around the code. I figured it out.

I've tested it out for multiple users and over the course of a week and it works like a charm.

When you have gotten the offline_access permission, store the session key, and the user ID. (wherever you want. I store mine in my database).

The infinite session key will look something like this df4175330aaddb9d50fd8f84-30000799 with everything after the 'dash' being the users ID.

Then the next time you call the API add this line of code in.

$this->fb->set_user('Facebook User ID', 'Offline Access Session key', 0); NB the zero is the amount of time before it will expire. 0 = never.

My code in my library is as follows

$this->fb = new Facebook($this->_api_key, $this->_secret_key);     
//Query Database to see if user had enabled offline access.
//If So extract the userid and session key
$this->fb->set_user($fbuserid, $fbsess, 0);

In my testing this has worked perfectly. Now my users can log into my site and have facebook automatically, once they give the offline_access permission. Its currently been working for a week without problems.

I think thats everything. But if I left anything out let me know.

Answer 2

I've been working with facebook connect since they announced it at F8 and put it into beta a year ago, I'm in charge of the backend side of our Facebook connect integration on several large websites, and I've spent quite a bit of time on this issue specifically.

Here's a good post on the topic , ande here's a bug filed 3 months ago .

Long story short, facebook is not actively supporting this type of session promotion -- yes, it's in the docs -- but it doesn't work. It's clearly not something they're actually testing internally.

And from experience, let me tell you: if it's not a well documented, commonly used feature, you can't rely on facebook to maintain it.

Answer 3

The key expires every time a user changes their password. This is written on the documentation.