How to control the “flow” of an ASP.NET MVC (3.0) web app that relies on Facebook membership, with Facebook C# SDK?

StackOverflow https://stackoverflow.com/questions/4610851

  •  25-09-2019
  •  | 
  •  

Question

I want to totally remove the standard ASP.NET membership system and use Facebook only for my web app's membership. Note, this is not a Facebook canvas app question.

Typically, in an ASP.NET app you have some key properties & methods to control the "flow" of an app. Notably: Request.IsAuthenticated, [Authorize] (in MVC apps), Membership.GetUser() and Roles.IsUserInRole(), among others. It looks like [FacebookAuthorize] is equivalent to [Authorize]. Is fbApp.Session != null essentially the same as Request.IsAuthenticated?

Also, there's some standard work I do across all controllers in my site. So I built a BaseController that overrides OnActionExecuting(FilterContext). Typically, I populate ViewData with the user's profile within this action. Would performance suffer if I made a call to fbApp.Get("me") in this action?

I use the Facebook Javascript SDK to do registration, which is nice and easy. But that's all client-side, and I'm having a hard time wrapping my mind around when to use client-side facebook calls versus server-side. There will be a point when I need to grab the user's facebook uid and store it in a "profile" table along with a few other bits of data. That would probably be best handled on the return url from the registration plugin... correct?

On a side note, what data is returned from fbApp.Get("me")?

Was it helpful?

Solution

The Facebook C# SDK provides an action filter called [FacebookAuthorize] that will handle the authentication like you describe. And yes, fbApp.Request == null is the correct way to determine if the user is authenticated. I think I'll add a property on the next release called IsAuthenticated to make it easier.

You are correct in using the Javascript SDK for login. Basically, how it works is the Javascript side creates the cookie that FacebookApp reads and verifies. For a non-canvas app you basically have to use the Javascript SDK. You could do it all manually with OAuth, but that would be a huge pain.

And regarding the result of fbApp.Get("me") the result is a JsonObject. You can access it two ways:

// Using dynamic (.Net 4.0 only)
var app = new FacebookApp();
dynamic me = app.Get("me");
string firstName = me.first_name;
string lastName = me.last_name;
string email = me.email;

// Using IDictionary<string, object> (.Net 3.5, .Net 4.0, WP7)
var app = new FacebookApp();
var me = (IDicationary<string,object>)app.Get("me");
string firstName = (string)me["first_name"];
string lastName = (string)me["last_name"];
string email = (string)me["email"];

We have more code samples on our Codeplex wiki.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top