fb.login response always returns true - javascript

in order to check if the suer has given all the needed permissions, i do it so:
FB.login(function(response){
console.log(response.status);
if (response.status == 'connected') {
/* user gave permssions */
}else{
/* user didnt, unmark the checkbox */
$('input:checkbox').removeAttr('checked');
}
}, { scope: 'publish_stream' });
The problem is that this is allways returning true, it doesnt matter if user: logins, ommits or closes the popup.
any idea why?
Also tried: if (response.authResponse) { with no success..

The issue here is that publish_stream is an extended permission, which means the user can opt out of that permission. Generally speaking, when a user hits the block of code in your callback they have authenticated your app, but not necessarily with all of the permissions you asked for since some of them can be extended permissions. response.status is only used to communicate the status of whether the user has authenticated the application, not whether or not they have accepted all of the dialog prompts/permissions you have requested. In your case, publish_stream is an extended permission so you are not guaranteed to have that permission for the user in your callback. If you are asking for publish_stream as an incremental permission after a user has already authenticated, then your conditional check on response.status will always return true (since by definition the user has already authenticated your application).
If you want to verify you have the publish_stream permission in your callback, check for the permission using /me/permissions endpoint on the graph api.
What you want is something like this:
FB.login(function(response){
if (response.status == 'connected') {
FB.api('/me/permissions', function(response) {
var permsArray = response.data[0];
// Permissions that are needed for the app
var permsNeeded = ['publish_stream'];
var permsToPrompt = [];
for (var i in permsNeeded) {
if (permsArray[permsNeeded[i]] == null) {
permsToPrompt.push(permsNeeded[i]);
}
}
if (permsToPrompt.length > 0) {
$('input:checkbox').removeAttr('checked');
}
}
} else {
/* user didnt, unmark the checkbox */
$('input:checkbox').removeAttr('checked');
}
}, { scope: 'publish_stream' });

I don't know why, but the following code works fine for me at least~
window.fbAsyncInit = function() {
FB.init({
appId : '<?php echo FACEBOOK_APP_ID ?>',
status : true,
cookie : true,
xfbml : true,
oauth : true,
});
FB.getLoginStatus(function(response){
if (response.status === 'connected') {
// the user is logged in and has authenticated your
// app, and response.authResponse supplies
// the user's ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
var uid = response.authResponse.userID;
var accessToken = response.authResponse.accessToken;
var signed_request = response.authResponse.signedRequest;
// avoid using cookie
self.location= "<?php echo site_url()?>/signup/fb_login/"+uid;
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
// but has not authenticated your app
FB.login(function(response) {
if (response.authResponse) {
self.location="<?php echo site_url()?>/signup/fb_register";
/* FB.api('/me', function(response) { */
/* }); */
} }, {scope: 'email,user_hometown'});
} else { // unknown
// the user isn't logged in to Facebook.
}
});
FB.Event.subscribe('auth.login', function(response) {
window.location.reload();
});
FB.Event.subscribe('auth.logout', function(response) {
window.location.reload();
});
};
(function(d){
var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
d.getElementsByTagName('head')[0].appendChild(js);
}(document));
`

Related

Retrieve user info (i.e. location, email) w/ Facebook Javascript API

I'm using the Facebook Javascript SDK to implement Facebook Login. I'm trying to grab the name, email, location, likes, friends, etc. and redirect the user to on-boarding.
I'm able to get accessToken and userID values;however, I'm trying to grab other user information I specifically put in my scope. I've tried to look at Facebook returns undefined for email and birthday
and other questions but no luck 😞
function fb_login(){
FB.login(function(response) {
if (response.authResponse) {
console.log('Welcome! Fetching your information.... ');
console.log(response); // dump complete info
var accessToken = FB.getAuthResponse()['accessToken'];
console.log('Access Token = '+ accessToken);
var userID = FB.getAuthResponse()['userID']; //get FB UID
console.log("userID: "+ userID);
//refer to getData() function below
getData();
} else {
//user hit cancel button
console.log('User cancelled login or did not fully authorize.');
}
}, {scope: 'public_profile,email,user_friends,user_likes,user_location'});
}
function getData() {
FB.api('/me', function(response) {
console.log("email: "+response.email);
// you can store this data into your database
console.log('Good to see you, ' + response.name + '.');
//check if the loginStatus works
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
// the user is logged in and has authenticated your
// app, and response.authResponse supplies
// the user's ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
//redirect to start/location.ejs
//window.location = "start/location";
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
// but has not authenticated your app
} else {
// the user isn't logged in to Facebook.
}
});
});
}
Why is this?
I was able to figure it out. Had to define some fields...now I have to figure out how to get a bigger profile pic from the user
function fb_login(){
FB.login(function(response) {
if (response.authResponse) {
console.log('Welcome! Fetching your information.... ');
console.log(response); // dump complete info
var accessToken = FB.getAuthResponse()['accessToken'];
console.log('Access Token = '+ accessToken);
var userID = FB.getAuthResponse()['userID']; //get FB UID
console.log("userID: "+ userID);
//refer to getData() function below
getData(accessToken);
} else {
//user hit cancel button
console.log('User cancelled login or did not fully authorize.');
}
}, {'scope': 'public_profile,email,user_friends,user_likes,user_location'});
}
function getData(accessToken) {
FB.api('/me', 'get', { access_token: accessToken, fields: 'id,name,gender,email,location,friends,likes,picture' }, function(response) {
console.log(response);
});
//check if the loginStatus works
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
// the user is logged in and has authenticated your
// app, and response.authResponse supplies
// the user's ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
//redirect to start/location.ejs
//window.location = "start/location";
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
// but has not authenticated your app
} else {
// the user isn't logged in to Facebook.
}
});
}

Facebook JS api: Not receiving user email despite asking for permissions

For my facebook canvas app I've been trying to access the users email. Even though I ask for it, it still doesn't show up (birthday, which is also an additional permission, does show up). (in the addscope function)
<html>
<head></head>
<body>
<div id="fb-root"></div>
<script>
window.fbAsyncInit = function() {
FB.init({
appId : '--------------', // App ID
channelUrl : 'http://www.---------.com/channel.html', // Channel File
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true // parse XFBML
});
FB.Event.subscribe('auth.statusChange', function(response) {
if(response.status === 'connected')
{
console.log('Hello there!');
addScope();
}
else if(response.status === 'not_authorized')
{
console.log('not authorized');
addScope();
}
else
{
console.log('not logged in');
addScope();
}
});
FB.Event.subscribe('auth.authResponseChange', function(response) {
// Here we specify what we do with the response anytime this event occurs.
if (response.status === 'connected') {
// ...
} else if (response.status === 'not_authorized') {
// ...
} else {
//...
}
});
};
// Load the SDK asynchronously
(function(d){
var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0];
if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
ref.parentNode.insertBefore(js, ref);
}(document));
function addScope()
{
FB.login(function(response) {
if (response.authResponse) {
console.log('Welcome! Fetching your information.... ');
FB.api('/me', function(response) {
console.log('In addscope function, ' + response.email + response.birthday);
});
} else {
console.log('User cancelled login or did not fully authorize.');
}
},{scope: 'email,user_birthday'});
}
</script>
</body>
</html>
An effective way to see if the right permissions are being set through the code is to use the following code (change the fields that you want to check for in the query part):
FB.api({ method: 'fql.query', query: 'SELECT user_status,friends_status,user_photos,friends_photos,user_location,friends_location FROM permissions WHERE uid=me()' }, function(resp) {
for(var key in resp[0]) {
if(resp[0][key] === "1")
console.log(key+' is granted');
else
console.log(key+' is not granted');
}
});
It is possible the user might not have given the permissions to access email id.
As far as I can see, and providing there are no errors being thrown elsewhere and that the "addScope" method is being called, your code is correct. Just make sure that there actually is a value to return (that the user has a birthday and email, otherwise you will not get it back. as stated here: https://developers.facebook.com/docs/reference/api/user/ )
I am using the FB api and have had no problem getting email and other fields while using the User access token.
remove this :
FB.Event.subscribe('auth.authResponseChange', function(response) {
// Here we specify what we do with the response anytime this event occurs.
if (response.status === 'connected') {
// ...
} else if (response.status === 'not_authorized') {
// ...
} else {
//...
}
});
};
and try again

Facebook + Prompt for publish stream only

If I have a user who is already logged onto facebook but remove my app from his/her account, how can I just prompt for the publish_stream only upon entering my app again since the user has already logged in?
Thanks.
FB.getLoginStatus(function (response) {
if (response.status === 'connected') {
// the user is logged in and has authenticated your
// app, and response.authResponse supplies
// the user's ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
uid = response.authResponse.userID;
accesstoken = response.authResponse.accessToken;
SrReferral = '#ViewBag.Referral';
window.fbuserid = uid;
var postData = { facebookUID: uid, facebookAccessTok: accesstoken, facebookSrReferral: SrReferral };
$.ajax({
url: '#Url.Action("DisplayGolfers")',
type: 'POST',
data: postData,
dataType: 'html',
success: function (responseText) {
$("#container").html(responseText);
}
});
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
// but has not authenticated your app
} else {
// the user isn't logged in to Facebook.
window.FB.login(function (response) {
if (response.authResponse) {
uid = response.authResponse.userID;
accesstoken = response.authResponse.accessToken;
SrReferral = '#ViewBag.Referral';
window.fbuserid = uid;
var postData = { facebookUID: uid, facebookAccessTok: accesstoken, facebookSrReferral: SrReferral };
$.ajax({
url: '#Url.Action("DisplayGolfers")',
type: 'POST',
data: postData,
dataType: 'html',
success: function (responseText) {
$("#container").html(responseText);
}
});
} else {
console.log('User cancelled login or did not fully authorize.');
alert('User cancelled login');
}
}, { scope: 'publish_stream' });
};
});
}
Seems that I misinterpreted your question and you want user to stay logged in even if he removed application from his account on Facebook. This is really bad and easily may became security issue.
Once user removed your application he shouldn't be logged-in!
In case you don't want to prompt the user for permissions before he visits your app for the next time you should define what is "next time" in your case (hour/day/browser-session/etc) and set some cookie/session to check every visit if that is the correct time to prompt.
You can use second parameter for FB.getLoginStatus to always get fresh status of user (which will not return connected for user who removed your app).
FB.getLoginStatus(function(response) {
// this will be called when the roundtrip to Facebook has completed
}, true);
See "Roundtrips to Facebook's servers" section of FB.getLoginStatus documentation

Facebook app with error

I'm not a Facebook App expert. I grabbed this code from the FB website and I modified it to make it work with my app id (it is the only thing I changed. I added a couple of alerts too). Then I tried to use this code from a local webpage (that is: the page is on my desktop but my laptop is connected to the Internet).
Anytime I run this code I get a browser popup showing this error:
"An error occurred with MyAppName. Please try again later."
Can someone tell me what's going on here? It seems the FB.getLoginStatus never gets called too.
Any help is appreciated.
// initialize the library with the API key
FB.init({ appId: 'myAppID',frictionlessRequests:true });
// fetch the status on load
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
// the user is logged in and has authenticated your
// app, and response.authResponse supplies
// the user's ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
var uid = response.authResponse.userID;
var accessToken = response.authResponse.accessToken;
} else if (response.status === 'not_authorized') {
alert("1. not");
// the user is logged in to Facebook,
// but has not authenticated your app
} else {
alert("2. alert");
// the user isn't logged in to Facebook.
}
});
$('#login').bind('click', function() {
FB.login(handleSessionResponse);
});
$('#logout').bind('click', function() {
FB.logout(handleSessionResponse);
});
$('#disconnect').bind('click', function() {
FB.api({ method: 'Auth.revokeAuthorization' }, function(response) {
clearDisplay();
});
});
// no user, clear display
function clearDisplay() {
$('#user-info').hide('fast');
}
// handle a session response from any of the auth related calls
function handleSessionResponse(response) {
// if we dont have a session, just hide the user info
alert("entered handleSessionResponse");
if (response.authResponse) {
alert('Welcome! Fetching your information.... ');
FB.api('/me', function(response) {
alert('Good to see you, ' + response.name + '.');
});
} else {
alert('User cancelled login or did not fully authorize.');
}
if (!response.session) {
clearDisplay();
return;
}
}
Have you changed the property myAppID to the ID of the Facebook app you are using?
FB.init({ appId: 'myAppID',frictionlessRequests:true });
The myAppID should contain a unique Facebook App ID which you can fetch on the Facebook App page. Maybe you just copied the code without changing this.

how to use facebook response global?

how can i this code to get user id in another functions and use as global variable??
function get_id() {
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
// the user is logged in and connected to your
// app, and response.authResponse supplies
// the user’s ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
uid = response.authResponse.userID;
accessToken = response.authResponse.accessToken;
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
//but not connected to the app
} else {
// the user isn't even logged in to Facebook.
}
});
}
fb_user_id = get_id();
Your best bet would be to set this variable inside the function instead of assignment through calling:
(function(w) {
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
// the user is logged in and connected to your
// app, and response.authResponse supplies
// the user’s ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
w.fb_user_id = response.authResponse.userID;
w.accessToken = response.authResponse.accessToken;
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
//but not connected to the app
} else {
// the user isn't even logged in to Facebook.
}
});
})(window);
Then later on in your page (provided the call is not dependent on this one immediately), you can access your variable anywhere on the page as the global variable fb_user_id (also known as window.fb_user_id.
If you need to run code as soon as the user ID is ready, you will need to use a callback. If you are using jQuery 1.5 you can also use jQuery Deferreds to help with the synchronicity issues:
var getUserId = function () {
return $.Deferred(function(d) {
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
// the user is logged in and connected to your
// app, and response.authResponse supplies
// the user’s ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
var auth = response.authResponse;
d.resolve(auth.userID, auth.accessToken);
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
//but not connected to the app
d.reject();
} else {
// the user isn't even logged in to Facebook.
d.reject();
}
});
}).promise();
};
getUserId()
.done(function(userId, token) {
// userId and token are available in here
})
.fail(function() {
// run some code in here if not authorized
// or something else failed;
});
JavaScript is asynchronous in nature. You will have to call back to another function within the response function.

Categories

Resources