
为了检查用户是否授予了所有需要的权限,我这样做:

    // Ask for the publish_stream permission and untick the checkbox when the
    // login dialog does not end in the 'connected' state.
    FB.login(function (loginResponse) {
        var status = loginResponse.status;
        console.log(status);

        if (status != 'connected') {
            /* user didn't, unmark the checkbox */
            $('input:checkbox').removeAttr('checked');
            return;
        }

        /* user gave permissions */
        // NOTE(review): 'connected' reports that the user has authorized the
        // app. It does not show that publish_stream itself was granted, so
        // this branch cannot be used as the permission check on its own.
    }, { scope: 'publish_stream' });

问题是这个判断总是为 true,无论用户是登录、跳过还是关闭弹出窗口,结果都一样。

知道为什么吗?

还尝试过 `if (response.authResponse) {`,也没有成功。


2 回答 2


这里的问题在于 publish_stream 是一项扩展权限,这意味着用户可以选择不授予该权限。一般来说,当执行到回调中的代码块时,用户已经授权了您的应用程序,但不一定授予了您请求的所有权限,因为其中一些可能是扩展权限。response.status 仅用于表示用户是否已对应用程序进行身份验证,而不表示他们是否接受了您请求的所有对话框提示/权限。在您的情况下,publish_stream 是扩展权限,因此不能保证在回调中已经拥有该权限。如果您是在用户已经通过身份验证之后,把 publish_stream 作为增量权限来请求,那么对 response.status 的条件检查将始终返回 true(因为根据定义,用户已经对您的应用程序进行了身份验证)。

如果要在回调中验证是否已获得 publish_stream 权限,请使用 Graph API 上的 /me/permissions 端点检查权限。

你想要的是这样的:

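// Request publish_stream, then confirm through /me/permissions that it was
// really granted before leaving the checkbox ticked. A 'connected' status
// alone only shows that the user authorized the app.
FB.login(function (response) {
    if (response.status == 'connected') {
        FB.api('/me/permissions', function (permsResponse) {
            // The lookup reads data[0] as an object keyed by permission name.
            // If the call failed or returned no data, fall back to an empty
            // object so every needed permission counts as missing (fail closed).
            var granted = (permsResponse && permsResponse.data && permsResponse.data[0]) || {};

            // Permissions that are needed for the app
            var permsNeeded = ['publish_stream'];
            var permsToPrompt = [];

            // Indexed loop: for...in on an array also walks inherited
            // enumerable properties.
            for (var i = 0; i < permsNeeded.length; i++) {
                if (granted[permsNeeded[i]] == null) {
                    permsToPrompt.push(permsNeeded[i]);
                }
            }

            if (permsToPrompt.length > 0) {
                /* at least one needed permission is missing, unmark the checkbox */
                $('input:checkbox').removeAttr('checked');
            }
        }); // the original listing left this FB.api(...) call unclosed
    } else {
        /* user didn't authorize the app, unmark the checkbox */
        $('input:checkbox').removeAttr('checked');
    }
}, { scope: 'publish_stream' });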
于 2012-05-21T22:31:06.333 回答

我不知道为什么,但至少下面的代码对我来说很好用~

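// Called by the Facebook JS SDK once it has loaded: initialises the SDK,
// routes the visitor according to their login status, and reloads the page
// when the auth state changes.
window.fbAsyncInit = function() {
  // appId is filled in by the server-side PHP template.
  FB.init({
    appId      : '<?php echo FACEBOOK_APP_ID ?>',
    status     : true,
    cookie     : true,
    xfbml      : true,
    oauth      : true
  });

  FB.getLoginStatus(function(response) {
    if (response.status === 'connected') {
      // The user is logged in to Facebook and has authorized this app;
      // response.authResponse carries the user ID, access token and
      // signed request.
      var uid = response.authResponse.userID;

      // NOTE(review): the user ID placed in this URL is a value the browser
      // controls, so it proves nothing about who is making the request. The
      // fb_login handler is not shown here; it should establish identity from
      // the signed request or access token, verified server-side, and never
      // from this path segment alone. TODO confirm against the handler.
      self.location = "<?php echo site_url()?>/signup/fb_login/" + encodeURIComponent(uid);
    } else if (response.status === 'not_authorized') {
      // Logged in to Facebook but has not authorized this app: ask for the
      // permissions and continue to registration only if a session results.
      FB.login(function(loginResponse) {
        if (loginResponse.authResponse) {
          self.location = "<?php echo site_url()?>/signup/fb_register";
        }
      }, {scope: 'email,user_hometown'});
    } else {
      // unknown: the user isn't logged in to Facebook.
    }
  });

  // Reload so the page is rendered again under the new auth state.
  FB.Event.subscribe('auth.login', function() {
    window.location.reload();
  });
  FB.Event.subscribe('auth.logout', function() {
    window.location.reload();
  });
};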
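// Inject the Facebook JS SDK <script> tag asynchronously, at most once per page.
(function(d){
  var id = 'facebook-jssdk';
  // Already injected: do not add a second copy.
  if (d.getElementById(id)) { return; }

  var js = d.createElement('script');
  js.id = id;
  js.async = true;
  // Explicit https: a protocol-relative URL ("//...") would fetch the SDK over
  // plain HTTP whenever the page itself is served over http://, letting a
  // network attacker alter the script that handles login state and tokens.
  js.src = "https://connect.facebook.net/en_US/all.js";
  d.getElementsByTagName('head')[0].appendChild(js);
}(document));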


于 2012-05-21T15:47:57.173 回答