1

I am using the PHP SDK on my website. I have developed a registration form and login form.

The facebook login link is generated, the user clicks and authorises the app. They are redirected to my site and have an access token.

I can use API call such as $this->facebook->api('/me/'); I put the call within a try statement and catch any exceptions.

It works perfectly.

The problem is that randomly my access token will expire, as such the api all cannot complete and the exception is caught. I don't know why this is, but what i want to do is seamlessly refresh the access token.. i.e get a new one and continue the users session on the site seamlessly.

What i thus do is save their location in a session, redirect the user to the facebook login page in the catch statement, and then on successfully re-logging in the user redirecting back to where they were.

This works, but there is a problem. Having this:

            try
        {
            $me = $CI->facebook->api('/me');
        }
            catch(FacebookApiException $e) 
        {               
    //redirect to fb login lin
        }

on every page essentially doubles the page load time of every page on the site - the Facebook PHP SDK is inherently slow.

Instead of 1 second page loads, they are taking 2-3 seconds. I have benchmarked it, and it is because of this try/catch..

What can i do? HOw can i maintain/refresh an access key for an authorised user without huge load time costs to my users?

4

1 回答 1

2

编辑:我建议的解决方案使用直接OAuth 2.0调用使用 PHP 进行身份验证,然后使用 PHP SDK 进行其余的 Facebook API 调用。

  1. 按照Facebook 开发人员文档access_token中的步骤最初获取一个。
  2. 在第 6 步,您将获得access_token90 天的更长有效期。
  3. 现在,一旦您获得了扩展的,您可以通过调用Facebook::setAccessTokenaccess_token使 PHP SDK 使用相同的
  4. 存储Facebook对象$_SESSION以便从其他页面进行 api 调用。

此外,您可以继续并access_token永久保存此扩展(在数据库中)。这将完全消除用于登录过程的 Facebook 通信。但是,请确保您已采取必要的安全预防措施来保护access_token(出于显而易见的原因)并且您的隐私政策声明相同。

于 2013-01-06T17:17:27.073 回答