7

What's going on:

I have a backend server where I have the information of each individual user. Twitter and Facebook authentication is a common way of letting the user access one's application nowadays, so it was decided that he/she should be able use those platforms + the classic way (email + password)

The question:

After an user as logged in using Facebook and I receive a call back stating that it was successfully (for example with the SDK):

- (void)sessionStateChanged:(FBSession *)session
                      state:(FBSessionState) state
                      error:(NSError *)error
{
    switch (state) {
        case FBSessionStateOpen:
            if (!error) {
                // We have a valid session
                NSLog(@"User session found");
            }
            break;
        case FBSessionStateClosed:
        case FBSessionStateClosedLoginFailed:
            [FBSession.activeSession closeAndClearTokenInformation];
            break;
        default:
            break;
    }

  1. How is it possible to pass now the credentials to the server, in order to access our own endpoints?

  2. How can the backend know that this specific user that is making a request is in fact authenticated (or registered) in your backend?

  3. What role does the app we create on facebook side (https://developers.facebook.com/apps/) has in this?

4

1 回答 1

2
  1. 您可以使用获取 OAuth 令牌FBSession.activeSession.accessToken
  2. 我假设您将存储所有注册用户的电子邮件。您可以使用以下方式获取有关用户的信息:-[FBRequestConnection startForMeWithCompletionHandler:]。这将返回一个FBGraphUser包含电子邮件/姓名以及其他详细信息的实例。
  3. 您的 FB 应用程序在此过程中并没有真正发挥重要作用。当 FB 请求用户许可时,将显示应用程序和图标的描述。如果您在用户的提要上发布任何内容,则会显示一个小图标。您可以将您的 FB 应用页面链接到您的网站。
于 2013-05-03T13:31:38.943 回答