Im currently developing an app in Cake 2.2.1, with Facebook integration via
the official Facebook SDK.
When a user logs in, I have a few functions in AppController.php to attempt
to get the logged in users details via the facebook->api('/me'); method in
a try...catch block, which allows me to determine whether the user has
granted permissions to the FB app associated with the site.
The function is called in the beforeFilter() of the AppController, and a
message is set via the setFlash method, inviting the user to join if need
The problem however...
If a user hasnt given permission, then there are no fb_xxxxxx_ variables
set in $_SESSION as you would expect, and when the user goes through the
authorisation process, and gives the app permission, they are returned back
to a callback page on the site, this does some db checks, etc and redirects
the user to the index page.
You would now expect, the $_SESSION would have fb_APPID_user_id,
fb_APPID_code, fb_access_token set, however, they are not, the user is
therefore still prompted as before, as if they were a non app-user. Now, if
the user either navigates to another page, or hits refresh on the current
page, the variables appear as expected.
The same happens in reverse, when a user revokes the permissions, and you
go to a page on the site, the fb_APPID_ variables are still set in
$_SESSION, you then have to either navigate AGAIN, or hit refresh AGAIN,
before the changes take effect.
Does anyone either have any suggestions, or have suffered this issue before
with $_SESSION not refreshing ?