fb.login response always returns true
https://stackoverflow.com//questions/10687851
-
12-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
in order to check if the suer has given all the needed permissions, i do it so:
FB.login(function(response){
console.log(response.status);
if (response.status == 'connected') {
/* user gave permssions */
}else{
/* user didnt, unmark the checkbox */
$('input:checkbox').removeAttr('checked');
}
}, { scope: 'publish_stream' });
The problem is that this is allways returning true, it doesnt matter if user: logins, ommits or closes the popup.
any idea why?
Also tried: if (response.authResponse) { with no success..
Solution
The issue here is that publish_stream is an extended permission, which means the user can opt out of that permission. Generally speaking, when a user hits the block of code in your callback they have authenticated your app, but not necessarily with all of the permissions you asked for since some of them can be extended permissions. response.status is only used to communicate the status of whether the user has authenticated the application, not whether or not they have accepted all of the dialog prompts/permissions you have requested. In your case, publish_stream is an extended permission so you are not guaranteed to have that permission for the user in your callback. If you are asking for publish_stream as an incremental permission after a user has already authenticated, then your conditional check on response.status will always return true (since by definition the user has already authenticated your application).
If you want to verify you have the publish_stream permission in your callback, check for the permission using /me/permissions endpoint on the graph api.
What you want is something like this:
FB.login(function(response){
if (response.status == 'connected') {
FB.api('/me/permissions', function(response) {
var permsArray = response.data[0];
// Permissions that are needed for the app
var permsNeeded = ['publish_stream'];
var permsToPrompt = [];
for (var i in permsNeeded) {
if (permsArray[permsNeeded[i]] == null) {
permsToPrompt.push(permsNeeded[i]);
}
}
if (permsToPrompt.length > 0) {
$('input:checkbox').removeAttr('checked');
}
}
} else {
/* user didnt, unmark the checkbox */
$('input:checkbox').removeAttr('checked');
}
}, { scope: 'publish_stream' });
OTHER TIPS
I don't know why, but the following code works fine for me at least~
window.fbAsyncInit = function() {
FB.init({
appId : '<?php echo FACEBOOK_APP_ID ?>',
status : true,
cookie : true,
xfbml : true,
oauth : true,
});
FB.getLoginStatus(function(response){
if (response.status === 'connected') {
// the user is logged in and has authenticated your
// app, and response.authResponse supplies
// the user's ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
var uid = response.authResponse.userID;
var accessToken = response.authResponse.accessToken;
var signed_request = response.authResponse.signedRequest;
// avoid using cookie
self.location= "<?php echo site_url()?>/signup/fb_login/"+uid;
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
// but has not authenticated your app
FB.login(function(response) {
if (response.authResponse) {
self.location="<?php echo site_url()?>/signup/fb_register";
/* FB.api('/me', function(response) { */
/* }); */
} }, {scope: 'email,user_hometown'});
} else { // unknown
// the user isn't logged in to Facebook.
}
});
FB.Event.subscribe('auth.login', function(response) {
window.location.reload();
});
FB.Event.subscribe('auth.logout', function(response) {
window.location.reload();
});
};
(function(d){
var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
d.getElementsByTagName('head')[0].appendChild(js);
}(document));
`
