Facebook访问令牌[Javascript SDK] [英] Facebook Access Token [Javascript SDK]
问题描述
我正在为我的网站写Facebook登录.我正在使用Javascript Sdk,但我不了解一件事.
function fbLogin() {
FB.login(function(response) {
if (response.authResponse) {
var token=response.authResponse.accessToken;
FB.api('/me', function(response) {
$.get('main/check_facebook_status/'+token,function(data) {
if (data == "true") {
$('#r_name').val(response.name);
$('#r_username').val(response.username);
$('#r_email').val(response.email);
$('#fbid').val(response.id);
$('#fbtoken').val(token);
}
})
});
} else {
console.log('User cancelled login or did not fully authorize.');
}
}, {scope: 'email, publish_stream'});
}
我可以信任他访问令牌(response.authResponse.accessToken)来标识用户吗? Facebook可以更改访问令牌吗?如果更改访问令牌,我如何识别用户?
Ps:对不起,英语不好
我可以信任他访问令牌(response.authResponse.accessToken)来识别用户吗?
当然可以!
Facebook可以更改访问令牌吗?
不.但是它会在2小时后过期,因此您必须再次获取令牌.如果您以后想使用此令牌,请执行以下操作:您可以将令牌的寿命延长至60天.
您可以在此处了解更多有关访问令牌的信息.. >
在以下情况下,令牌也会失效-
- 用户更改密码
- 用户取消对应用程序的授权
- 用户删除了应用程序
I am writing Facebook login for my site.I am using Javascript Sdk,but I don't understand one thing.
function fbLogin() {
FB.login(function(response) {
if (response.authResponse) {
var token=response.authResponse.accessToken;
FB.api('/me', function(response) {
$.get('main/check_facebook_status/'+token,function(data) {
if (data == "true") {
$('#r_name').val(response.name);
$('#r_username').val(response.username);
$('#r_email').val(response.email);
$('#fbid').val(response.id);
$('#fbtoken').val(token);
}
})
});
} else {
console.log('User cancelled login or did not fully authorize.');
}
}, {scope: 'email, publish_stream'});
}
Can I trust he access token(response.authResponse.accessToken) for identify the user ? Can facebook change the access token ? If changes the access token how can I identify the user ?
Ps:Sorry for bad english
Can I trust he access token(response.authResponse.accessToken) for identify the user?
Of-course yes!
Can Facebook change the access token ?
Nope. But it expires after 2 hours, so you have to get the token again. If you want to use this token in future; you can extend the life of the token to 60 days.
You can read more about access tokens here.
[Edit]
The token also becomes invalidated in the following cases-
- User changes the password
- User de-authorizes the app
- User removes the app
这篇关于Facebook访问令牌[Javascript SDK]的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!