Facebook SDK:PHP和Javascript之间的共享登录
[英]Facebook SDK: Shared login between PHP and Javascript
问题描述
I'm building a small Facebook application where i ended up needing to use methods from the Facebook SDK both on the client (JS) and server (PHP). 
我正在构建一个小型Facebook应用程序,最终需要在客户端(JS)和服务器(PHP)上同时使用Facebook SDK中的方法。 On the client, i'm mostly using FB.ui methods, and on the server i'm working a lot with the Graph API. 在客户端上,我主要使用FB.ui方法,而在服务器上,我正在使用Graph API进行很多工作。
But, is there a way of doing that without having to force the user to login twice? 但是,有没有一种方法可以不必强制用户两次登录呢? How can i make the user login once, and use that login for the both client and server? 如何使用户登录一次,并将该登录名同时用于客户端和服务器? Is this possible? 这可能吗?
3 个解决方案
解决方案1
2 2013-01-22 00:56:22
The best way to use Facebook SDK in JS and PHP with only one login (or not) is to use the token . 只需一次登录(或不登录)即可在JS和PHP中使用Facebook SDK的最佳方法是使用令牌 。 The " server-side " process is the same in JS and PHP. 在JS和PHP中,“ 服务器端 ”过程是相同的。
This process is useful for the first user login or to have a new token when it expired. 此过程对于首次用户登录或过期时具有新令牌很有用。
- From your page, the user is redirected to Facebook to authorize your application. 从您的页面,用户被重定向到Facebook以授权您的应用程序。
- After user accepts, Facebook redirects user on your page with the token , facebook ID , first name, last name, email, etc. 用户接受后,Facebook使用令牌 ,Facebook ID ,名字,姓氏,电子邮件等在页面上重定向用户。
- Save user information in a Database 将用户信息保存在数据库中
Now, your application can have a connection with Facebook (in JS, PHP or other) without the user login. 现在,您的应用程序可以与Facebook(以JS,PHP或其他方式)建立连接,而无需用户登录。 The elements required are your appId , your secret , the user ID and the user token . 所需的元素是您的appId ,您的密码 ,用户ID和用户令牌 。
Hope to help you 希望对你有帮助
解决方案2
0 2013-01-22 03:47:24
Infact this will not work, as tokens expire pretty fast. 实际上,这是行不通的,因为令牌会很快过期。 The offline_access was also removed so the user has to explicit use the facebook app when you want to maintain the connection with him (you simply wont be able to do anything when the token is expired). offline_access也已删除,因此,当您想与他保持连接时,用户必须明确使用facebook应用程序(令牌过期后,您将无能为力)。
You can still save the current token for login purposes but you should update the user table every time a user logs in via FB again. 您仍然可以保存当前令牌以用于登录,但是每次用户再次通过FB登录时,都应该更新用户表。
Also, you can not login via token but you can get the token in JS OR PHP pretty easy. 另外,您不能通过令牌登录,但是可以很容易地在JS或PHP中获得令牌。
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
//user is logged in and has accepted you apps stuff.
var uid = response.authResponse.userID;
var accessToken = response.authResponse.accessToken;
// do some fancy ajax function to send the token to the server here.
}
else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
// but has not authenticated your app
FB.login(function(response) {
if (response.authResponse) {
console.log('Welcome! Fetching your information.... ');
FB.api('/me', function(response) {
console.log('Good to see you, ' + response.name + '.');
});
} else {
console.log('User cancelled login or did not fully authorize.');
}
}), {scope: 'email,user_likes'}); //specify all the scopes you need for your app here.
}
else
{
//user is not logged in to facebook.
}
});
that would be the JS part to get the token and if you want to get it with PHP, it is even easier. 那将是获得令牌的JS部分,如果您想使用PHP来获得它,则更加容易。
<?php
require_once("/FBAPI/src/facebook.php");
$config = array();
$config['appId'] = 'your_app_id';
$config['secret'] = 'your_app_secret';
$facebook = new Facebook($config);
$user = $facebook->getUser();
if(!$user){
$loginUrl = $facebook->getLoginUrl(array('scope'=>'publish_stream', 'redirect_uri'=>'http://www.example.com'));
}
if($user){
try{
$user_profile = $facebook->api('/me');
$access_token = $facebook->getAccessToken();
}
catch(FacebookApiException $e){
error_log($e);
$user = NULL;
}
}
else{
echo '<a href="'.$loginUrl.'"><img src="img/login.png"/></a>';
}
?>
EDIT: infact, you can just do it like this: 编辑:实际上,您可以这样做:
Display landing page for the login and let the user login via JS. 显示登录的登录页面,并让用户通过JS登录。 As soon as the Login Process is done, you can check if the user is logged in via the $facebook->getUser(); 登录过程完成后,您可以检查用户是否通过$ facebook-> getUser()登录。 function of the PHP SDK PHP SDK的功能
解决方案3
0 2013-01-22 07:04:16
There is one neat trick I learn't when I used Heroku for deploying my tutorial Facebook application. 当我使用Heroku部署我的教程Facebook应用程序时,有一个巧妙的窍门,我没有学到。 On the sample template that Heroku provided they had Facebook Login button and subscribed to auth.authResponseChange like following:- 在Heroku提供的示例模板上,他们具有Facebook登录按钮并订阅了auth.authResponseChange ,如下所示:-
FB.Event.subscribe('auth.authResponseChange', function(response) {
window.location = window.location;
});
This causes the page to refresh and the cookie set by JavaScript SDK after Facebook's authentication will be available to PHP SDK. 这将导致页面刷新,并且Facebook身份验证后JavaScript SDK设置的cookie将可用于PHP SDK。 You can also login user through PHP SDK and after user logs in the JavaScript SDK will be able to work without requiring to login again from JavaScript SDK 您还可以通过PHP SDK登录用户,并且在用户登录JavaScript SDK之后,无需再次从JavaScript SDK登录即可正常工作
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.