All geek questions in one place

Log in to my system via Facebook using PHP

I am working on a member ordering system, and I would like to allow the user without registration, they can directly log into Facebook.

The problem is what is the data flow in this approach ? For example, does Facebook return a user account / ID / email or any other information so that I can insert them into my system, or is it just a session that indicates that he / she is logged in?

In addition, I would like to receive their phone number (for order confirmation). If a visitor has not indicated it in his Facebook account, how to handle the case ?

Below is the code after my research, but it seems that only an ID member can be returned?

<?php define('YOUR_APP_ID', 'YOUR APP ID'); //uses the PHP SDK. Download from https://github.com/facebook/php-sdk require 'facebook.php'; $facebook = new Facebook(array( 'appId' => YOUR_APP_ID, 'secret' => 'YOUR APP SECRET', )); $userId = $facebook->getUser(); ?> <html> <body> <div id="fb-root"></div> <?php if ($userId) { $userInfo = $facebook->api('/' . $userId); ?> Welcome <?= $userInfo['name'] ?> <?php } else { ?> <fb:login-button></fb:login-button> <?php } ?> <div id="fb-root"></div> <script> window.fbAsyncInit = function() { FB.init({ appId : 'YOUR_APP_ID', // App ID channelUrl : '//WWW.YOUR_DOMAIN.COM/channel.html', // Channel File status : true, // check login status cookie : true, // enable cookies to allow the server to access the session xfbml : true // parse XFBML }); FB.Event.subscribe('auth.login', function(response) { window.location.reload(); }); }; // Load the SDK Asynchronously (function(d){ var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0]; if (d.getElementById(id)) {return;} js = d.createElement('script'); js.id = id; js.async = true; js.src = "//connect.facebook.net/en_US/all.js"; ref.parentNode.insertBefore(js, ref); }(document)); </script> </body> </html>
+6
source share
6 answers

I am using the SDK for PHP in the project right now, this is how I request user data:

 // If user is not logged in, set the login URL asking for permissions if( $userId == 0 ) { // Generate a login url $url = $facebook->getLoginUrl( array( 'scope' => 'email, user_status' ) ); ... Your Login button ... } else { // Get user info $userdata = $facebook->api( '/me' ); $data = array( 'first_name' => $userdata['first_name'], 'last_name' => $userdata['last_name'], 'username' => $userdata['username'], 'email' => $userdata['email'], 'languages' => $userdata['languages'], 'locale' => $userdata['locale'], 'timezone' => $userdata['timezone'], 'gender' => $userdata['gender'], 'location' => $userdata['location'], 'hometown' => $userdata['hometown'], ); print_r( $data ); }
+1
source

Well, you noticed on your line where you have this:

 <?php if ($userId) { $userInfo = $facebook->api('/' . $userId); ?> Welcome <?= $userInfo['name'] ?> <?php } else { ?> <fb:login-button></fb:login-button> <?php } ?>

Instead of using $ userId, you can do this:

 $userInfo = $facebook->api('/me','GET');

This will give you information about the currently registered user.

Now, the data returned by the facebook API depends on the permissions that you request from the user when the user grants permission to your site. Here you can find the list of user object data to be returned, and the corresponding permission for this, if necessary. https://developers.facebook.com/docs/reference/api/user/

Since some of the data you require, such as a mobile phone number or email address, is not required on facebook, perhaps the best approach for you is to use the registration form: https://developers.facebook.com/docs/plugins/registration/

The registration plugin allows people to easily register on your site with their Facebook account. A plugin is a simple iframe that you can get on your page. When you enter Facebook, people see a form that is filled with their information on Facebook, where necessary.

The registration plugin allows you to request additional information that is not available through the Facebook API (for example, your favorite movie). The plugin also allows people who do not have a Facebook account, or do not want to subscribe to your site using Facebook - use the same form as those who are connected to Facebook. This eliminates the need to provide you with two separate logins.

+4
source

You can use the following URL to find out what information you can get from Facebook.

https://developers.facebook.com/tools/explorer

itโ€™s easy to understand the information we can get from Facebook.

My personal suggestion is to stick with the java-script API for integrating with Facebook, I found it more useful. To use the Facebook API to get information about any user, you need an access token, so the flow should obviously start from there, and then initialize each of your requests, if the phone number does not exist with the Facebook account, after processing the answer, it should request phone numbers numbers in an alternative way, I hope the above URL helps you understand what kind of user information you can request on Facebook.

+2
source

I would recommend you use a well-tested library like Opauth or HybridAuth .

With their help, you can request additional data that Facebook has stored. You can also use other sites, such as Google or Twitter, for authentication.

Be sure to follow the recommendations of Facebook and do not immediately ask for all the permissions. At the very least, try logging in as a Facebook user and see if the user has only one permission request dialog. Some permissions (for example, creating an event) are requested several times to authorize users. This is a sure way to get them to leave your site.

See what it looks like you cannot be sure that the email address has been verified by Facebook .

+1
source

Although this is not a direct answer, I would advise you to study the implementation of this cake-php plugin in github

https://github.com/webtechnick/CakePHP-Facebook-Plugin

+1
source

If you're coming with PHP, why not use the PHP shell API provided by FB, not JS. I used HybridAuth for my PHP projects and you should try, the advantage is that you can easily add more providers in the future like Google, Twitter, without having to go through each API when you think it's time to integrate more social functions.

+1
source

Source: https://habr.com/ru/post/955855/

More articles:


All Articles