Reputation: 10848
I have some trouble when using JavaScript code for Facebook invite friends. Details:
Facebook user A has already authorized our web application and given us permission for offline access to their access tokens.
User A logged in to our website. The system detects that A has synchronized his account (on our website) with Facebook, so it retrieves A's information from Facebook.
In the same browser, A opens a new tab and logs out of Facebook.
User B borrows A's computer and then logs in to Facebook, but with his own account: Facebook user B.
He moves to our website (the tab that A already opened) and clicks "Invite friends". The list shows all the friends of user B, not user A.
This scenario (though it very rarely happens) troubled our group of testers, because it may cause unexpected behavior in our web application (a user may think he synchronized the wrong Facebook account).
To stop that case, I want to differentiate between who is currently logged in to Facebook (user B) and the user who has authorized our application (user A). Currently I'm checking like this:
    function showInvitationDialog() {
        FB.init({
            appId: '${appId}',
            cookie: false,
            status: true,
            xfbml: true
        });
        FB.getLoginStatus(function (response) {
            if (response.session) {
                if (response.session.uid != ${fbId}) {
                    alert("You are currently logged in to FB with another account (different to the account you registered). Please make sure that you don't accidently use others FB account to invite");
                    return;
                }
            }
            var request_ids = FB.ui({ method: 'apprequests',
                message: '<@spring.message code="friends.invitation.message" />',
                data: 'hello'});
        });
    }
The above code works for most cases, but it has a problem:
So I cannot differentiate case 2 from case 3. In both cases, the result from getLoginStatus is the same, but I want to solve it differently:
Is there any solution for this situation? Any ideas will be greatly appreciated.
Upvotes: 0
Views: 558
Reputation: 859
getLoginStatus() returns a JSON object which looks like this:
    {
        status: one of 'not_authorized' / 'connected' / 'unknown'
        authResponse: ....
    }
not_authorized means they are logged in to Facebook but haven't authorized your app, connected means they have authorized the app, unknown means they are not logged in to Facebook.
(from memory so might not be exact)
Also, you might want to consider listening for auth events, which might make this problem easier. http://developers.facebook.com/docs/reference/javascript/FB.Event.subscribe/
Upvotes: 2
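One way to tell the cases apart using the response shape described in the answer, as an added example that is not part of the original posts. It assumes the SDK's `authResponse.userID` field and a linked Facebook ID supplied by the server as a string; `classifyFbSession` and `inviteIfSameUser` are hypothetical names.

```javascript
// Added example. expectedUserId is the Facebook ID our server stored when
// the user linked the account; pass it as a string, not a number literal.

// Decide whether the browser's Facebook session belongs to the linked account.
function classifyFbSession(response, expectedUserId) {
  var status = response && response.status;
  if (status === 'connected') {
    var auth = response.authResponse || {};
    // Compare as strings: Facebook IDs can exceed Number.MAX_SAFE_INTEGER.
    // A missing userID never matches, so the check fails closed.
    return String(auth.userID) === String(expectedUserId)
      ? 'same_user'
      : 'different_user';
  }
  // Logged in to Facebook with an account that has not authorized the app.
  if (status === 'not_authorized') return 'unlinked_account';
  // 'unknown' or a malformed response: nobody is logged in to Facebook.
  return 'logged_out';
}

// Open the invite dialog only for the linked account. fb is the SDK object
// (FB in the page), passed in so the check can be exercised with a stub.
function inviteIfSameUser(fb, expectedUserId, onBlocked) {
  fb.getLoginStatus(function (response) {
    var verdict = classifyFbSession(response, expectedUserId);
    if (verdict === 'same_user') {
      fb.ui({ method: 'apprequests', message: 'Join me', data: 'hello' });
    } else {
      onBlocked(verdict); // e.g. show a "wrong Facebook account" notice
    }
  });
}
```

In the page this would be called as `inviteIfSameUser(FB, '${fbId}', showNotice)`, where `showNotice` is whatever the site uses to explain why the dialog did not open.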