Facebook grabing users token and storing it and using it
Hello i have made a apps on facebook and im asking the user for permission to post on there wall using
<script type="text/javascript">
FB.init({
appId : 'my apps code is here',
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true // parse XFBML
});
</script>
The user clicks yes but how do i grab there offline token ? so i can post two there wall every day ( its a horoscopes app开发者_StackOverflow中文版s so need to post there horoscopes every day to there apps )
I need to store there token in the db so i can use it every day.
i have got the facebook.php which grabs there token but donno which bit grabs it and if i mess around with things it will keep adding the token on each refresh.... i just wanna add there token to my db and then if they refresh it don't add it again...
For posting on the user wall with no confirmation from the user himself, you need to obtain the publish_stream permission. However, FB policy says you better should prompt ot make aware the user for the posting you're about to make, no matter he's given you permission for this.
Once you have this permission obtained, you can post on the user wall with your app token. This token may be retrieved like so:
https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=client_credentials
Obtaining the user token is fairly straight forward. You need to use FB.login to make sure the user is authenticated. During this process you'll want to add the offline_access permission to make sure a long lasting token is issued.
You can get the token from the login response like.
FB.login(function(response){ alert( response.authResponse.access_token ); },{scope: 'offline_access,publish_stream'} );
As noted by Martin Asenov you should ensure you've had the user make an informed consent in how you're going to be using this token. Not doing so is an easy way to get your app banned.
加载中,请稍侯......
精彩评论