-
Notifications
You must be signed in to change notification settings - Fork 952
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue with offline_access permission #13
Comments
Are you saying that if you request |
I don't believe so, but it appears that the JS API does not solely look at the |
I think I did a poor job explaining the issue. Essentially it boils down to the python SDK not having the ability to tell if the user is actually logged into Facebook or not. Just relying on the To deal with this, I plan to rely on the JS API by calling Hopefully that clears things up a bit. |
I took a cursory look at the PHP SDK and the Graph API documentation, and did not see any server-side method to retrieve a user's logged-in status. As far as I can tell, the purpose of the I think using |
I just checked the Graph API documentation, and am relatively certain that our current implementation is correct. Requesting If your application is dependent on a user being logged in to Facebook, you should not be requesting the |
If you request the offline_access permission, the python sdk will think the user is logged in while the Facebook JS API thinks otherwise if the user is not actually logged into FB. It appears that two additional cookies are set "act", and "csm" and are removed by the JS API when you call FB.logout(). The "fbsr_" cookie is NOT removed by the JS API if the user has granted the offline_access permission.
I'm not sure exactly what these cookies are used for, but it seems that the python sdk may need to know about them to be consistent with the JS API.
The text was updated successfully, but these errors were encountered: