65992

Structure of a facebook app with minimal api calls

Question:

I read all the articles on FB regarding PHP login, JS login, Canvas app login, but something remains unclear to me. How does one keep a user logged in after the initial login in JavaScript? You receive a signed_request (which you can use to authenticate the user ONCE (on initial load of a canvas app and on login, right?), let's say you use that information to verify the user server-side. Ok, so far.. But what about subsequent page loads?

Basically my question is this.. Can I use the PHP FB SDK to verify a user is authenticated on each page load without an API call? How? Is there a way to do it that is compatible with canvas?

The reason I don't want any API calls is because I hit the limit once and my app went down for an entire night. Don't want that again...

A workaround I'm thinking of is to store the user token (which I want to anyway) and use that in a session/cookie to authenticate the user on every page load in PHP, but I'm not sure if this is the best approach, because: Using my own session/cookie would allow a user to stay logged in even if they are not logged in FB. Also, I presume FB wouldn't allow this for a canvas app.

I found these relevant questions, but the information is from 2011: <a href="https://stackoverflow.com/questions/5529946/php-using-facebook-oauth-with-less-api-calls" rel="nofollow">PHP: Using Facebook OAuth with less API calls</a> <a href="https://stackoverflow.com/questions/6147631/facebook-login-how-to-combine-javascript-with-php-sdk" rel="nofollow">Facebook Login: How to combine JavaScript with PHP SDK?</a>

Answer1:

The workaround you mentioned is the right way of doing it. Saving tokens, using and updating them as they become expired - the way most companies stick to.

Only in cases of new users or expired tokens the OAuth should be used. The API you use is not important. You can actually retreive authentication through JavaScript and pass it to PHP for further usage.

Cheers.

Recommend

  • Kinect API written solely in Java without native functions?
  • Can you use DataSet and DataTables in a Portable Class Library
  • Checkpointing In ALS Spark Scala
  • Heroku push rejected - Hartl's Rails 3.2 tutorial
  • Ruby and class variables in inherit class
  • Insertion large number of Entities into SQL Server 2012 [duplicate]
  • Regex for nested values
  • You tube videos are not playing
  • Getting unread count in Sent Folder using Google Apps Script - GMail
  • How do I Dispose a HttpResponseMessage in my Web Api Method?
  • Problem with Django using Apache2 (mod_wsgi), Occassionally is “unable to import from module” for no
  • How to draw a line dynamically in android [duplicate]
  • Most efficient way to move table rows from one table to another
  • Aptana 3 remove bundle (jquery)
  • Function calls are not supported. Consider replacing the function or lambda with a reference to an e
  • Ember.js model to be organised as a tree structure
  • Loading .coffee files via a view in Rails
  • Chart.js Multiple dataset
  • Jackson Parser: ignore deserializing for type mismatch
  • Email verification using google app script and google forms
  • OpenGL ES texture problem, 4 duplicate columns and horizontal lines (Android)
  • How to delay loading a property with linq to sql external mapping?
  • Why HTML5 Canvas with a larger size stretch a drawn line?
  • Resize panoramic image to fixed size
  • How would I use PHP exceptions to define a redirect?
  • Volusion's generic SQL folder, functionality
  • Controls, properties, events and timers running in design time
  • DirectX11 ClearRenderTargetViewback with transparent buffer?
  • htaccess rewriting URLs with multiple forward slashes
  • Display Images one by one with next and previous functionality
  • How to make Safari send if-modified-since header?
  • Why is the timeout on a windows udp receive socket always 500ms longer than set by SO_RCVTIMEO?
  • Web-crawler for facebook in python
  • How can I estimate amount of memory left with calling System.gc()?
  • RestKit - RKRequestDelegate does not exist
  • A cron job substitute?
  • Unit Testing MVC Web Application in Visual Studio and Problem with QTAgent
  • How do you join a server to an Active Directory (domain)?
  • coudnt use logback because of log4j
  • Android Heatmap on canvas or ImageView