Geek Answers Handbook

Explain how the FB authentication feature works.

I am working on a site that will allow users to create an account. Then, site developers will be able to integrate this authentication system into their site and allow users to log in with the credentials to enter my sites. I want to do this in the same way that facebook connect works so that the user’s site does not need to be redirected to my site to log in, and then we return back to the page from which they came.

I know that facebook uses cookies, but I'm not sure how they check if they are logged in.

What I noticed:

  • If you have registered on facebook.com, you will go to usersite.com, which has Facebook Connect, it will show you that you are logged in.
  • If you log out of userssite.com, it will also log you out of Facebook.
  • If you log out of facebook.com and log in to userssite1.com, go to usersite2.com and you will also be logged into this site.

Because of this, it looks like they use cross-domain cookies or something like that, but I'm not sure how to do this.

Can someone find out how Facebook Connect works, explain how I can achieve this functionality in my own system?

+4
source share
2 answers

Facebook is making significant headway towards a solution based on OAuth 2.0. Our authentication guide and official OAuth 2.0 specification are good places to start.

+2
source

Facebook Connect requires you to create a new facebook app for logging in and authentication, so you really are not “out of facebook”. When you add facebook initialization code:

FB.init({ appId: AppID, status: true, cookie: true, xfbml: true });

and facebook connection code:

 <!-- Facebook required --> <div id="fb-root"></div> <!-- Facebook connect required --> <script src="http://connect.facebook.net/en_US/all.js"></script>

You link your application with facebook. If something in your facebook application is incorrect (application identifier, website URL or canvas URL in your facebook application), then the application will not work. And all incoming calls, for example, will cause an error.

Do not think of it as a completely separate entity from facebook. The application is very well connected with facebook.

Try making a facebook application using a connection. Then you can see which scripts are attached to the root and connect the script. This may give you a better idea of ​​what is happening (there is a lot)

More info from facebook / developers here

This page may also be useful.

0
source

More articles:


All Articles