Facebook Connect Implementation - What if FB user changes email?

I've implemented FB connect on my application, and all works fine.

The procedure is pretty standard:

• user authorizes the app
• user is redirected to my website
• I capture the user's FB id, email, name
• I create a new unique user in my database using this info

However I am wondering if the user leaves my site, and changes their email on FB.

The next time they visit my site, their new email would not be updated, as it was created the first time they visited.

In order to update their email address every time they visit, I wo开发者_如何学编程uld need to pull the token from the cookie every time they visit, and run an update on all their info on the database (even if it hasn't changed).

This is an incomplete solution, though. My app is designed to send email alerts to users.

If they saved a bunch of email alerts, left my site and then changed their email on FB, the email alerts would be sent to the wrong address until they visited my site again.

Some trivial options include alerting the user on the front end about the limitation of using FB connect, living with it, or abandoning this login method altogether.

Does anyone have more intelligent ideas on how to solve this pickle?

As an alternative method, I would look into using real-time updates for users, which will let Facebook tell you when your users change any of their information, and in that, their e-mail address. This is more efficient than polling because you're only doing processing when data is received, and more user-friendly because you're not asking for that scary offline_access token. In practice, I've found that the real-time updates are sort of hard to work with, but if executed properly they could do exactly what you're asking for here.

Since Facebook isn't going to notify you when a user changes their email, then yes, you'd need to poll/check it.

Either check each time the user visits your site or have the users grant you the offline_access permission so you get a non-expiring token. With that you could batch query your users on a regular basis to see if they have changed their email addy on facebook (You would of course need to store this token for each user).