Question

I added Facebook Login on my website.

All is OK, but there is one situation that I am afraid of.

A user registers an account on my page via Facebook Login. He can log in on my website with Facebook Login. The user is logged in on my website and at the same time he deletes my app in his own account on facebook.com.

What now? How can I check that the user still has my app on his account?

Solution

I'm presuming by "still have my app on his account" you mean your app is still authorized to access that user's account with whatever permissions you've requested/the user granted when signing onto your site.

If you've followed Facebook's instructions on implementing Facebook Login for Web on your site (https://developers.facebook.com/docs/facebook-login/getting-started-web/) you are probably already set to handle a user revoking FB permissions from your app (or deleting your app from those allowed access to his/her account). Basically, when a user accesses your site and uses Facebook login you send a request to the FB API to check their current login status:

https://developers.facebook.com/docs/facebook-login/login-flow-for-web/#checklogin

and if the returned result indicates that they are, in fact, logged in to Facebook but not your app, you need to ask them to authorize your application (pretty much follow the same flow as the first time they sign up for your site with Facebook Login, excluding the part of creating a new account on your site for them):

https://developers.facebook.com/docs/facebook-login/login-flow-for-web/#login

which would add it back to their account until deleted again. Remember to update your auth tokens for that user when they re-authorize your app.

----Edit---

Are you using the PHP SDK library provided by Facebook or your own? In either case you should be storing the user's login status in your app as well as the access token that you received from FB. You need to use these every time a user accesses your site (just like any other site that requires user authentication logic).

These are FB instructions on checking user's login status: https://developers.facebook.com/docs/facebook-login/login-flow-for-web-no-jssdk/

Here's a quick code redux (using Facebook's PHP SDK library) that works for my apps (with error handling removed for code brevity/clarity). The Facebook PHP SDK library is loaded into $this->facebook prior to the function code below.

    function facebook_login(){
      $user = (int)$this->facebook->getUser();
      /* the above line returns the Facebook user id if the user is already
         logged in to Facebook and your app, or 0 otherwise */
      if($user){
        if(!$this->have_access_token(/*...*/)){
          /* if you don't have the user's FB access token in local storage you need to obtain and store it now */
          $this->facebook->setExtendedAccessToken(); // Exchange for a long-lived access token
          $userAccessToken = $this->facebook->getAccessToken(); // Get the user's access token
          $this->save_access_token('access_token', $userAccessToken); // Store to prevent unnecessary API calls
        } else {
          $userAccessToken = $this->get_user_access_token(/*...*/); // Load the user's access token from local app storage
        }
        if (!empty($userAccessToken)) {
          /* the $user variable now contains the facebook_id of the current user;
             you can do whatever else you need with it at this point
          */
        }
      } else {
        // The user has not been authenticated--generate a new login url and show FB login dialogue
        $fbLoginParams = array(
          'scope' => '[your permissions requirements here]',
          'redirect_uri' => '[your redirect url here]'
        );
        $login_url = $this->facebook->getLoginUrl($fbLoginParams);
        header("Location: " . $login_url);
        exit; // stop executing this request once the redirect header is sent
      }
    }

If for whatever reason you wrote your own library you can probably devise similar functionality from the FB instructions, the code snippet above, and definitely take a look at the functions used in the code above in Facebook's PHP lib.
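The answer says to use the stored access token every time the user accesses the site. The following is an added example, not the answer's code and not part of Facebook's SDK, of re-checking a stored token against the Graph API so that a removed app ends the local session. The function names, the three result states and the sample replies are assumptions made for illustration.

```php
<?php
// Added example: not the answer's code and not part of Facebook's SDK.
// classify_graph_reply(), check_stored_token() and all sample values are hypothetical.

/** Map a decoded Graph API /me reply to 'valid', 'revoked' or 'unknown'. */
function classify_graph_reply(?array $reply, string $expectedFbId): string
{
    if ($reply === null) {
        return 'unknown';   // network or JSON failure: keep the token, retry later
    }
    if (isset($reply['error'])) {
        // Error code 190: the token is expired or invalidated, which is what a
        // stored token returns after the user removes the app.
        return ((int)($reply['error']['code'] ?? 0) === 190) ? 'revoked' : 'unknown';
    }
    // A working token must belong to the Facebook id the local account is bound to.
    $id = (string)($reply['id'] ?? '');
    return ($id !== '' && hash_equals($expectedFbId, $id)) ? 'valid' : 'revoked';
}

/** Ask the Graph API which user the stored token belongs to (needs network access). */
function check_stored_token(string $token, string $expectedFbId): string
{
    $url = 'https://graph.facebook.com/me?fields=id&access_token=' . rawurlencode($token);
    // ignore_errors lets us read the JSON error body that comes with an HTTP 4xx reply.
    $ctx = stream_context_create(['http' => ['ignore_errors' => true, 'timeout' => 5]]);
    $body = @file_get_contents($url, false, $ctx);
    $reply = ($body === false) ? null : json_decode($body, true);
    return classify_graph_reply(is_array($reply) ? $reply : null, $expectedFbId);
}

// Constructed sample replies (no real ids or tokens) so the decision logic runs offline.
$samples = [
    'still authorized' => ['id' => '1000001'],
    'app removed'      => ['error' => ['type' => 'OAuthException', 'code' => 190]],
    'rate limited'     => ['error' => ['code' => 4]],
    'other account'    => ['id' => '2000002'],
    'no response'      => null,
];
foreach ($samples as $label => $reply) {
    echo str_pad($label, 18), classify_graph_reply($reply, '1000001'), PHP_EOL;
}
```

On 'revoked', delete the stored token, destroy the local session and send the user back through the login flow; on 'unknown', keep the session and check again on a later request.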

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow