Facebook php sdk - how to auto-login my app on website

Question

i'd like to don't show the login button on my webpage and make it automatic so if somebody visit my site it shows him the content from facebook directly without clicking on the login button every time. Can you help me?

I'm using Facebook PHP SDK4 APIs.

Following is my code:

<?php

// Must pass session data for the library to work (only if not already included in your app)
session_start();

// Autoload the required files
require_once('phpsdk4/autoload.php');

use Facebook\FacebookSession;
use Facebook\FacebookRedirectLoginHelper;
use Facebook\FacebookRequest;
use Facebook\FacebookResponse;
use Facebook\FacebookSDKException;
use Facebook\FacebookRequestException;
use Facebook\FacebookAuthorizationException;
use Facebook\GraphObject;
use Facebook\GraphUser;
use Facebook\Entities\AccessToken;
use Facebook\HttpClients\FacebookCurl;
use Facebook\HttpClients\FacebookCurlHttpClient;
use Facebook\HttpClients\FacebookHttpable;

// Facebook app settings
$app_id = '123456';
$app_secret = 'appsecretpassword';
$redirect_uri = 'mywebpageaddress';

// Initialize the SDK
FacebookSession::setDefaultApplication( $app_id, $app_secret );

?>

<!DOCTYPE html>
<html lang="it">
<head>
<meta http-equiv="Content-Type" content="text/html" charset="utf-8" />
<title>Facebook SDK test</title>
</head>
<body>

<?php

$helper = new FacebookRedirectLoginHelper($redirect_uri, $app_id, $app_secret);
try {
    $session = $helper->getSessionFromRedirect();
}
catch(FacebookRequestException $ex) { } 
catch(\Exception $ex) { }

$loggedIn = false;

if (isset($session))
{
    if ($session) 
    {
        $loggedIn = true;
        try 
        {
            // Logged in
            $user_photos = (new FacebookRequest($session, 'GET', '/me/statuses'))->execute()->getGraphObject(GraphUser::className());
            $user_photos = $user_photos->asArray();

            echo "<pre>";
            print_r($user_photos);
            echo "</pre>";
        } 
        catch(FacebookRequestException $e) 
        { 
            echo "Exception occured, code: " . $e->getCode();
            echo " with message: " . $e->getMessage();  
        }           
    }
}
if (!$loggedIn)
{
  //$loginUrl = $helper->getLoginUrl();
  $loginUrl = $helper->getLoginUrl(array('user_status'));
  echo '<a href="' . $loginUrl . '">Login</a>';
}

?>

</body>
</html>

Answer 1

I suggest using FB.getLoginStatus of the JavaScript SDK - it is the easiest way to check if a returning user is already authorized: https://developers.facebook.com/docs/reference/javascript/FB.getLoginStatus

It refreshes the user token without the need to do a page refresh - which you would have to do with the PHP SDK afaik.

Also, FB.login is easier to handle the login. Use the PHP SDK only if you need to do stuff on the server, and if there is no other way with the JavaScript SDK. You also don´t need to update any library if you are using the JavaScript SDK btw.

About feeds on your website: Don´t use a user profile for that, an Extended User Access Token is valid for only 60 days, after that you would have to refresh it manually. You can´t do that without user interaction, so it does not matter if you use the PHP SDK or the JS SDK. Better create a Facebook Page and read the statuses of that Page with an Extended Page Access Token (valid forever). More information about Access Tokens:

• https://developers.facebook.com/docs/facebook-login/access-tokens/
• http://www.devils-heaven.com/facebook-access-tokens/
• http://www.devils-heaven.com/extended-page-access-tokens-curl/