Differentiate a not-logged-in Facebook user vs. a logged-in Facebook user but not authorize our application yet

I have some troubles when using javascript code for Facebook invite friends. Details:

  1. User Facebook A already authorized our web application, and give us the permission to offline-access their access tokens.

  2. User A logged in into our web. The system detect that A synchronized his account (on our web) with Facebook, so it retrieve A's information from Facebook.

  3. In the same browser, A open a new tab, and log out of Facebook.

  4. A user B borrows A computer, and then logged in Facebook but with his account: user Facebook B.

  5. He move to our web (the tab that A already opened), and click "Invite friends". The list show all the friends of user B, not user A.

This scenario (though very rarely happens), troubled our group testers, because it may causes un-expected behavior for our web application (a user may think he synchronize the wrong Facebook account).

To stop that case, I want to differentiate who is currently logged-in Facebook (user B), with the user has authorized our application (user A). Currently I'm checking like this:

function showInvitationDialog() {

            FB.init({ 
                    appId:'${appId}', 
                    cookie: false, 
                    status: true, 
                    xfbml: true 
                });

            FB.getLoginStatus(function (response) {
                if (response.session) {
                    if (response.session.uid != ${fbId}) {
                        alert("You are currently logged in to FB with another account (different to the account you registered). Please make sure that you don't accidently use others FB account to invite");
                        return;
                    }
                }

                var request_ids = FB.ui({ method: 'apprequests',
                                    message: '<@spring.message code="friends.invitation.message" />',
                                    data: 'hello'});
            });
    }

The above code works for most case, but it have a problem:

  1. If user X is logged in Facebook user X', and he authorize our app already: response.session.uid = X_FacebookId -> ok, we know who he is
  2. If user X is not logged to Facebook, response.session == undefined
  3. If user X is logged in with Facebook user X', and he hasn't auhthorized our application yet, response.session == undefined

So I can not differentiate the case 2 vs case 3. In both case, the results from getLoginStatus is the same, but I want to solve it differently:

  • case 2 -> continue to call the function to let "Login dialog" popup
  • case 3 -> informs the user that he has logged into the wrong Facebook account.

Is there any solution for this situation? Any idea will be greatly appreciated.

Answers


getLoginStatus() returns a Json object which is like :

{
    status: one of 'not_authorized' / 'connected' / 'unknown'
    authResponse: ....
}

not_authorized means they are logged into facebook but haven't authorized your app, connected means they have authorized the app, unknown means they are not logged into facebook.

(from memory so might not be exact)

Also, you might want to consider listening for auth events, which might make this problem easier. http://developers.facebook.com/docs/reference/javascript/FB.Event.subscribe/


Need Your Help

retrieve large number of records with mongoDB in a reasonable time

performance mongodb cursor mongodb-java

I'm using mongoDB to store a querylog and get some stats about it.

Core Audio: Bizarre problem with pass-through using render callback

callback core-audio render pass-through

I am implementing an audio passthrough using the RemoteIO audio unit, by attaching a render callback to the input scope of the output bus (ie the speakers).

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.