Facebook内容在服务器端获取

Question

My goal is to develop iPhone application that can be used to view content that is partially composed from data (statuses, photos, videos) from Facebook friends of the phone owner.

In other words the iPhone app should interact with some backend server that generates content and this backend should fetch data from facebook. Currently I am thinking about using Django for backend.

I haven't used any social api before, and I have a gut feeling that auth in this scheme may cause some problems, mostly because I have user, that should enter login/pass on the device-side and actual content fetching (from user's fb friends), on server-side.

What can help me to implement such scheme? Does fb api provides something like this at all?

Note that this is not a web project, I have native iPhone app.

Answer 1

This is entirely feasible, it's just that it depends on you implementing the auth structure with an understanding that all the actions to grant permission for the app on facebook are going to need perform redirects. This may involve opening a browser outside your app, or you can use the IPhone SDK just for the auth and have the access_token sent to your server by the client device after the OAuth process is completed.

This is a very common approach for applications that want to setup their own auth system alongside Facebook/Twitter/Google + other OAuth providers. You maintain native user ids that are associated with some Facebook user and obtain the access token where necessary. The process for obtaining permanent, offline access has changed from persistent tokens over to ones you refresh. I'll reference you to another discussion that has all the pertinent details for that:

What field type to store the facebook token?

Once a valid access_token is obtained and saved, either in a persistent storage or in the session, you can use it to access the same endpoints that the client side SDKs use to fetch and exchange data. This is usually accomplished with some HTTP library. The SDK for PHP, for example, merely expedites this process from within a browser window by automating the auth process and then embedding the access credentials in request data for you. This can totally be simulated on the server side by using the endpts with a standard HTTP lib (urllib or HTTPlib in python) and manually setting the newly obtained access_token as a request variable to be sent along to the graph API.

If you're going the python route and your needs on the client side are going to be entirely handled via the phone, I would highly suggest you look at Flask , which is a variant of the Werkzeug WSGI library. This tool really can't be beat for spinning up quick endpts that echo out some serialized data (in your case, most likely JSON directly from FB). I've always liked it for web services type work since it leave you open to decide what libraries to use for your other needs and thereby keeps the deployed codebase as small as possible.