Javascript fb.login响应始终返回true
为了检查suer是否已授予所有所需的权限,我这样做:Javascript fb.login响应始终返回true,javascript,jquery,facebook,facebook-login,Javascript,Jquery,Facebook,Facebook Login,为了检查suer是否已授予所有所需的权限,我这样做: FB.login(function(response){ console.log(response.status); if (response.status == 'connected') { /* user gave permssions */ }else{ /* user didnt, unma
FB.login(function(response){
console.log(response.status);
if (response.status == 'connected') {
/* user gave permssions */
}else{
/* user didnt, unmark the checkbox */
$('input:checkbox').removeAttr('checked');
}
}, { scope: 'publish_stream' });
问题是,这总是返回真的,不管用户:登录、ommits还是关闭弹出窗口
知道为什么吗
也尝试过:if(response.authResponse){没有成功..我不知道为什么,但是下面的代码至少对我来说很好~
window.fbAsyncInit = function() {
FB.init({
appId : '<?php echo FACEBOOK_APP_ID ?>',
status : true,
cookie : true,
xfbml : true,
oauth : true,
});
FB.getLoginStatus(function(response){
if (response.status === 'connected') {
// the user is logged in and has authenticated your
// app, and response.authResponse supplies
// the user's ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
var uid = response.authResponse.userID;
var accessToken = response.authResponse.accessToken;
var signed_request = response.authResponse.signedRequest;
// avoid using cookie
self.location= "<?php echo site_url()?>/signup/fb_login/"+uid;
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
// but has not authenticated your app
FB.login(function(response) {
if (response.authResponse) {
self.location="<?php echo site_url()?>/signup/fb_register";
/* FB.api('/me', function(response) { */
/* }); */
} }, {scope: 'email,user_hometown'});
} else { // unknown
// the user isn't logged in to Facebook.
}
});
FB.Event.subscribe('auth.login', function(response) {
window.location.reload();
});
FB.Event.subscribe('auth.logout', function(response) {
window.location.reload();
});
};
(function(d){
var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
d.getElementsByTagName('head')[0].appendChild(js);
}(document));
window.fbAsyninit=function(){
FB.init({
appId:“”,
状态:正确,
曲奇:是的,
xfbml:是的,
真的,
});
FB.getLoginStatus(函数(响应){
如果(response.status===“已连接”){
//用户已登录并已验证您的身份
//app和response.authResponse提供
//用户ID、有效访问令牌、签名
//请求,以及访问令牌的时间
//和签名的请求都将过期
var uid=response.authResponse.userID;
var accessToken=response.authResponse.accessToken;
var signed_request=response.authResponse.signedRequest;
//避免使用cookie
self.location=“/signup/fb_login/”+uid;
}else if(response.status===“未授权”){
//用户已登录到Facebook,
//但尚未验证您的应用程序
FB.登录(功能(响应){
if(response.authResponse){
self.location=“/signup/fb_register”;
/*api('/me',函数(响应){*/
/* }); */
}},{scope:'email,user_homely'});
}否则{//未知
//用户未登录到Facebook。
}
});
FB.Event.subscribe('auth.login',函数(响应){
window.location.reload();
});
FB.Event.subscribe('auth.logout',函数(响应){
window.location.reload();
});
};
(职能(d){
var js,id='facebook jssdk';if(d.getElementById(id)){return;}
js=d.createElement('script');js.id=id;js.async=true;
js.src=“//connect.facebook.net/en_US/all.js”;
d、 getElementsByTagName('head')[0].appendChild(js);
}(文件);
`这里的问题是,
发布流是一个,这意味着用户可以选择退出该权限。一般来说,当用户点击回调中的代码块时,他们已经验证了你的应用程序,但不一定具有你要求的所有权限,因为其中一些权限是可以的。response.status
is仅用于传达用户是否已验证应用程序的状态,而不是他们是否已接受您请求的所有对话框提示/权限。在您的情况下,publish\u stream
是一个扩展权限,因此不保证您在回调中拥有该用户的权限。如果在用户已进行身份验证后,请求将publish\u stream
作为增量权限,则您对response.status
的条件检查将始终返回true(因为根据定义,用户已对您的应用程序进行了身份验证)
如果要验证您在回调中是否具有publish\u stream
权限,请使用graph api上的/me/permissions
端点检查该权限
你想要的是这样的:
FB.login(function(response){
if (response.status == 'connected') {
FB.api('/me/permissions', function(response) {
var permsArray = response.data[0];
// Permissions that are needed for the app
var permsNeeded = ['publish_stream'];
var permsToPrompt = [];
for (var i in permsNeeded) {
if (permsArray[permsNeeded[i]] == null) {
permsToPrompt.push(permsNeeded[i]);
}
}
if (permsToPrompt.length > 0) {
$('input:checkbox').removeAttr('checked');
}
}
} else {
/* user didnt, unmark the checkbox */
$('input:checkbox').removeAttr('checked');
}
}, { scope: 'publish_stream' });
“返回true”是什么意思?您不应该对FB.login的返回值执行任何操作,因为它是异步的。if(response.status=='connected')它始终为true。因此,response.status是“connected”,即使用户发出或关闭了权限对话框请求。