[英]When do I need to use the access token stored in the database?
When do I need to use the access token stored in my database? 我什么时候需要使用存储在我的数据库中的访问令牌?
I also got a little confused with the docs on Facebook and implementing the PHP SDK. 我也对Facebook上的文档和实现PHP SDK有点困惑。 After spending a decent amount of time mixing and adapting the two I realized that almost all examples in the docs are a part of the PHP SDK.
在花了相当多的时间混合和调整两者后,我意识到文档中的几乎所有示例都是PHP SDK的一部分。 Hence my above question.
因此我的上述问题。
There is no real reason you need to store a users access_token
in your database. 您没有必要在数据库中存储用户
access_token
。 Chances are the next time you come to use it - it'll be invalid already. 您下次使用它时可能会有机会 - 它已经无效了。 They only last for an hour or two in my experience.
根据我的经验,它们只能持续一两个小时。 Officially, the documentation states :
官方说,文件说明:
When you obtain an access token from Facebook, it will be valid immediately and usable in requests to the API for some time period defined by Facebook.
当您从Facebook获取访问令牌时,它将立即生效并可用于在Facebook定义的某段时间内对API的请求。 After that period has elapsed, the access token is considered to have expired and the user will need to be authenticated again in order for your app to obtain a fresh access token.
在该时间段过去之后,访问令牌被视为已过期,并且需要再次对用户进行身份验证,以便您的应用获取新的访问令牌。 The duration for which a given access token is valid depends on how it was generated.
给定访问令牌有效的持续时间取决于它的生成方式。
There is no concrete time period of how long a (normal) token can be valid so there would be no reason to store it. 没有具体的时间段(正常)令牌可以有效多长时间,因此没有理由存储它。 If you wanted to have an exhaustive log of all transactions with the API you could store the token as a reference - but that is overkill IMO...
如果您想要使用API详细记录所有交易,您可以将令牌存储为参考 - 但这对于IMO来说太过分了......
The only reason to store your tokens at all would be if you are dealing with extended access_tokens. 存储令牌的唯一原因是,如果您正在处理扩展的access_tokens。 If you are looking into that field, I can recommend this post - " http://facebook.stackoverflow.com/questions/8982025/how-to-extend-access-token-validity-since-offline-access-deprecation ".
如果您正在调查该领域,我可以推荐这篇文章 - “ http://facebook.stackoverflow.com/questions/8982025/how-to-extend-access-token-validity-since-offline-access-deprecation ”。 It seems to be the most comprehensive post dealing with extending the validity of an access_token.
它似乎是处理扩展access_token有效性的最全面的帖子。 You'll want to do this if you want to make calls to the Graph API on behalf of the user when s/he is not necessarily connected to your application (or logged into Facebook at all for that matter - don't know if I like that at all... )
如果你想要代表用户调用Graph API,当他/她不一定要连接到你的应用程序时(或者根本没有登录到Facebook) - 你不知道我是否想要这样做像那样...... )
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.