Reputation: 9431
authorizing facebook tab app
I need to develop a facebook app which runs inside a page tab. Only users who have liked this page should be able to use the app (and therefore authorize it).
Using the signed_request parameter it is fairly trivial to know if a given facebook user has liked the page or not:
var isFan = false;
if (req.facebook.signedRequest && req.facebook.signedRequest.page){
isFan = req.facebook.signedRequest.page.liked;
}
This is working just fine. Now, once a user has liked the page I show a 'LAUNCH THIS APP' button which will authorize it:
$('#authApp').click(function(){
FB.login(function(response) {
if (response.authResponse) {
window.location = window.location;
}
}, {scope: 'user_likes,user_photos'});
return false;
});
As you can see, if the app is authorised successfully I reload the page.
However, when the page reloads, the signed_request.page parameter is missing. So the html markup for non-fans shows up.
This is how the signed_request looks like when reloading after authorising the app:
{
algorithm: 'HMAC-SHA256', code: '...', issued_at: 1348003786, user_id: '100...' }
If I refresh the page directly after that. Everything is fine, and the page info is there again:
{ algorithm: 'HMAC-SHA256', expires: 1348009200, issued_at: 1348004248, oauth_token: 'AA..', page: { id: '490...', liked: true, admin: true }, user: { country: 'ec', locale: 'en_US', age: { min: 21 } }, user_id: '100...' }
Is this how this is supposed to work?
What is the recommended way to work around this?
Thanks!
Upvotes: 0
Views: 397
Answers (1)
Reputation: 96226
However, when the page reloads, the signed_request.page parameter is missing.
Of course it is, because it’s only passed to your app on the initial load into the iframe (via a form with method=post submitted to the iframe).
If you want to have the data it contains after a page reload, you have two options:
Put it into your own session, so you can access it from there any time.
Do not just reload your app inside of the iframe, but get the whole Facebook page reloaded (JavaScript, top.location). Then your app will be loaded again into the iframe, and will get the signed_request posted for a second time as well.
Upvotes: 1
Related Questions
- How to add facebook authentication to my react app?
- How to securely authorize a user via Facebook's Javascript SDK
- Node Passport-facebook login in Facebook Page Tab application
- Facebook app not asking for auth
- How to authorize facebook app with javascript
- Facebook JS SDK API not authorizing
- Facebook authentication with nodejs
- OAuth and Facebook page tabs
- How do I authorize the user in a facebook pages tab?
- Is user authorized, on Facebook tab