在不刷新页面的情况下扩展身份验证令牌 [英] Extend auth token without refreshing the page

问题描述

用户希望在不刷新浏览器的情况下使用我的 Facebook 应用数小时.
但是令牌会在 2 小时后过期.现在我要求用户刷新页面，但这很烦人.
我不想询问离线访问权限，因为它会吓到一些用户.

Users want to use my facebook app for many hours without refreshing the browser.
But token expires in 2 hours. Now I ask users to refresh the page but that's annoying.
I don't want to ask offline access permissions because it will scare some users.

最好的解决方案是以某种方式重新登录"并在不刷新页面的情况下获取新令牌.可能吗?

The best solution will be somehow "relogin" and get new token without refreshing the page. Is it possible?

推荐答案

我会订阅到期触发器(我认为这是 authResponseChange)，然后自动进行另一次登录检查.这不会是一个完美的解决方案，因为它可能会自动触发弹出窗口(例如，如果他们已注销)，许多浏览器可能会阻止该弹出窗口.相反，您可以在令牌过期时检查他们是否需要完成弹出窗口，并在您的页面某处显示一条通知，说Facebook 需要您注意继续"，然后仅从他们的响应中启动弹出窗口，这将阻止弹出窗口被阻止.

I would subscribe to the expiry trigger (I think this is authResponseChange), then automate another login check. It won't be a perfect solution as it could trigger a pop up (if they have logged out for example) automatically, which a lot of browsers may block. You could instead, when the token expires, check if they will need to complete a pop up, and display a notification on your page somewhere saying 'Facebook needs your attention to continue', then only launch the pop up from their response, which would stop the pop up being blocked.

FB.Event.subscribe('auth.authResponseChange', function(response) {
  // do something with response
  FB.login(){
    // refresh their session - or use JS to display a notification they can 
    // click to prevent pop up issues
  }
});

这篇关于在不刷新页面的情况下扩展身份验证令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！