-
Notifications
You must be signed in to change notification settings - Fork 954
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Comments misleading for routine 'get_user_from_cookie' #63
Comments
I am not sure that I understand this. If you are using server-side authentication, you should not be using Let me know if I am missing something here. |
I was probably not clear. I am using client-side auth and I meant the associated processing on the server side to get the access_token from the cookie. |
That clarifies things, but I still do not understand this issue. The "fbsr" cookie is created and deleted by the JavaScript SDK. If the user has not authenticated with Facebook, the cookie will not exist, and It would help if you could provide steps that explain how to reproduce this issue. |
I think I am at wrong here. I was mentioning about the call for getting the access_token in lieu of the code. A couple of days back when I was manually testing the exchange process from a python shell, I had a test case where I log out before I call the So, effectively, there is no problem with the comment of |
From the server side when you use the graph API for access_token, you get it irrespective of the fact whether the user is logged in or not.
Given this, the 3rd paragraph of this routine which mentions of returning a dict with uid and access_token only if the user is logged in is not right.
Correcting this will help new comers (like me) who read the code before adopting it.
Best,
Ethan
The text was updated successfully, but these errors were encountered: