Im currently developing an app in Cake 2.2.1, with Facebook integration via the official Facebook SDK.
When a user logs in, I have a few functions in AppController.php to attempt to get the logged in users details via the facebook->api('/me'); method in a try...catch block, which allows me to determine whether the user has granted permissions to the FB app associated with the site.
The function is called in the beforeFilter() of the AppController, and a message is set via the setFlash method, inviting the user to join if need be.
The problem however...
If a user hasnt given permission, then there are no fb_xxxxxx_ variables set in $_SESSION as you would expect, and when the user goes through the authorisation process, and gives the app permission, they are returned back to a callback page on the site, this does some db checks, etc and redirects the user to the index page.
You would now expect, the $_SESSION would have fb_APPID_user_id, fb_APPID_code, fb_access_token set, however, they are not, the user is therefore still prompted as before, as if they were a non app-user. Now, if the user either navigates to another page, or hits refresh on the current page, the variables appear as expected.
The same happens in reverse, when a user revokes the permissions, and you go to a page on the site, the fb_APPID_ variables are still set in $_SESSION, you then have to either navigate AGAIN, or hit refresh AGAIN, before the changes take effect.
Does anyone either have any suggestions, or have suffered this issue before with $_SESSION not refreshing ?
> Im currently developing an app in Cake 2.2.1, with Facebook integration > via the official Facebook SDK.
> When a user logs in, I have a few functions in AppController.php to > attempt to get the logged in users details via the facebook->api('/me'); > method in a try...catch block, which allows me to determine whether the > user has granted permissions to the FB app associated with the site.
> The function is called in the beforeFilter() of the AppController, and a > message is set via the setFlash method, inviting the user to join if need > be.
> The problem however...
> If a user hasnt given permission, then there are no fb_xxxxxx_ variables > set in $_SESSION as you would expect, and when the user goes through the > authorisation process, and gives the app permission, they are returned back > to a callback page on the site, this does some db checks, etc and redirects > the user to the index page.
> You would now expect, the $_SESSION would have fb_APPID_user_id, > fb_APPID_code, fb_access_token set, however, they are not, the user is > therefore still prompted as before, as if they were a non app-user. Now, if > the user either navigates to another page, or hits refresh on the current > page, the variables appear as expected.
> The same happens in reverse, when a user revokes the permissions, and you > go to a page on the site, the fb_APPID_ variables are still set in > $_SESSION, you then have to either navigate AGAIN, or hit refresh AGAIN, > before the changes take effect.
> Does anyone either have any suggestions, or have suffered this issue > before with $_SESSION not refreshing ?
