You cannot access this page directly - HybridAuth Social Login

Question

I am using HybridAuth social plugin in my website to login from facebook and other websites,

everything is working fine, but when I checked on other computers, there is an error:

You cannot access this page directly

and I noticed that the error comes when the browser use WWW in the address bar, the browser on same computer eg: opera not using the www so there is no error on those browser.

Please help me how can I fix this error so login can be done from any browser.

Answer 1

The reasen is because Facebook callback in different php-session and cant access config info from caller session. Look at Endpoint.php if ( ! $storage->config( "CONFIG" ) ) ... The rason was because I use in my site with 127.0.0.1 but return_uri was with localhost because of Facebook restrictions. PHP builds different sessions in this case.

Answer 2

adding "www." to the URL resolves the issue.

Answer 3

After adding this on top of my controller it started working

if (session_status() == PHP_SESSION_NONE) {
    @session_id($_COOKIE['CAKEPHP']);
    @session_start();
    @session_name('CAKEPHP');
}

Read here https://github.com/hybridauth/CakePHP-HybridAuth/pull/1

Answer 4

Those who are facing error message "You cannot access this page directly."

Try after adding @session_start(); statement at the top of your files.

Answer 5

This could be related by using a custom session handler which is set by session_set_save_handler(). I resolved this issue by adding our own custom session handler at the top of hybridauth/index.php (located in the same dir as config.php and live.php). This forces Hybrid Auth to use your custom session handler.