Automatically log facebook user into my site
I've set up a facebook login for my site, using the faceboko php-sdk example.php method. It's working fine, but I want a user who has already allowed my site once to be automatically logged into my site, if they're logged in faceboo开发者_开发百科k.
Currently, if a user who has previously 'allowed' my application visits my site while logged in with facebook, they need to click login with facebook
, then they are redirected and logged-in. Even though after that click, they don't need to provide any credentials or anything. Thus I would just like this step to be removed and for a user to be automatically logged in.
I hope that makes sense. Thanks
This is discussed on their site.
http://developers.facebook.com/docs/guides/web/#login
Facebook Platform uses OAuth 2.0 for authentication and authorization. While you can add login to your site using OAuth 2.0 directly (see our Authentication Overview), the open source JavaScript SDK is the simplest way to use Facebook for login.
[...]
In order to log the user into your site, three things need to happen. First, Facebook needs to authenticate the user. This ensures that the user is who they say they are. Second, Facebook needs to authenticate your website. This ensures that the user is giving their information to your site and not someone else. Lastly, the user must explicitly authorize your website to access their information. This ensures that the user knows exactly what data they are disclosing to your site.
http://developers.facebook.com/docs/reference/javascript/FB.getLoginStatus/
By testing for the presence of the session object within the response object, you can be sure the user is known to your application and you can begin to make further calls to the Facebook APIs. If the session object is not present, the user is either not logged into Facebook, or has not authorized your application.
http://developers.facebook.com/docs/authentication/
Check the client side flow section to see when you get the authentication token you need to be passing around.
If the user is already logged in, we validate the login cookie that we have stored on the user's browser, authenticating the user. If the user is not logged in, they are prompted to enter their credentials
精彩评论