Facebook Connect(C#SDK)-如何查看用户是否已通过FB身份验证，但不强制? [英] Facebook Connect (C# SDK) - How to See if User is Authenticated to FB, But Don't Force?

问题描述

我正在使用Facebook C#SDK在Facebook Connect和ASP.NET MVC 3网站之间实现单一登录.

I'm implementing a single sign on between Facebook Connect and my ASP.NET MVC 3 website, using the Facebook C# SDK.

现在，单点登录的一部分是:

Now, part of the single sign on is:

如果用户通过了Facebook的身份验证，但未通过我的网站的身份验证，请查看他们是否已连接到我的系统，如果已连接，请执行一次登录(使用Forms Auth).

If the user is authenticated to Facebook, but not to my website, see if they are connected in my system and if so, perform a single sign on (using Forms Auth).

现在，我不知道如何查看用户是否已通过身份验证".我正在使用OAuth进行服务器端身份验证，因此我不想强迫他们通过登录页面登录，而只是进行无声检查.如果未通过身份验证，我将不做任何事情-我将等待他们单击与Facebook连接"按钮.

Now, i don't know how to "see if the user is authenticated". I'm using OAuth for server-side authentication, so i don't want to force them to sign in via the login page, just a silent check. If they're not authenticated, i wont do anything - i'll just wait for them to click the "Connect with Facebook" button.

我们可以使用JavaScript API做到这一点-我们可以在服务器端做到这一点吗?

We can do this with the JavaScript API - can we do it server-side?

我基本上希望与 FB.getLoginStatus 通过Graph API.

I basically want the equivalent of FB.getLoginStatus via the Graph API.

肯定有一种服务器端的方式-至少(如果不是通过Graph API，旧的REST api或FQL)?

Surely there must be a way server-side - at least if not via the Graph API, the old REST api or FQL?

推荐答案

经过数天的网上搜索，包括Graph API，旧的REST API，FQL等-似乎JavaScript SDK是唯一允许这样做的工具信息，而无需事先拥有访问令牌.

After days of hunting around the net, including the Graph API, old REST API, FQL, etc - it seems the JavaScript SDK is the only one that allows this information without having a access token beforehand.

所以，我不得不使用JavaScript SDK:

So, i had to use the JavaScript SDK:

<div id="fb-root"></div>
<script type="text/javascript">
    window.fbAsyncInit = function () {
        FB.init({ appId: 'xxxxxxx', status: true, cookie: false, xfbml: false
        });
        FB.getLoginStatus(function (response) {
            if (response.session)
                window.location = '/Facebook/LogOn'
        });
    };
    (function () {
        var e = document.createElement('script');
        e.async = true;
        e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
        document.getElementById('fb-root').appendChild(e);
    } ());
</script>

基本上，我首先异步地加载JS API以避免阻塞.

Basically, i first load the JS API aysynchonrously to avoid blocking.

然后我查看用户是否有Facebook会话.如果他们这样做了，我将重定向到我的 FacebookController ，后者将执行OAuth重定向(该令牌将立即返回，因为它们已经通过身份验证)，然后设置我自己的cookie.

I then see if the user has a Facebook session. If they do, i redirect to my FacebookController, which does the OAuth redirect (which will come back straight away with the token - since they're already auth'ed), with then sets my own cookie.

然后启动我的全局操作过滤器，看到其中有一个cookie，然后将用户登录.很好.

My global action filter then kicks in, sees there is a cookie, and logs the user in. Nice.

请注意我的 cookie:否-这是因为我正在跟踪自己的Cookie，以获取OAuth令牌和FB ID.

Note how i have cookie: false - this is because i'm tracking my own cookies for the OAuth token and FB ID.

这篇关于Facebook Connect(C#SDK)-如何查看用户是否已通过FB身份验证，但不强制?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！