How would you suggest implementing Facebook custom login?

[trueicecold]

Hey all,

I know it's not really a SFS issue, but since I need it on SFS, here goes
I'm creating a mobile app using sfs as the online engine and Facebook for login. Now, I could just use the email/userId to verify against the DB using sfs, but this is subject to fake.
Everyone can send another userId or email and presumably play as someone else. So I was thinking about passing the access token, which is encrypted and unique to sfs, and validate it using open graph actions on the server.

I assume sfs can create http requests? How "heavy" is this to validate the user sending an http request to Facebook?
Is there another way, maybe an easier one?

Thanks

[Lapo]

Hi,
just to mention... using FB anyone can similarly setup multiple accounts and login multiple times.

So I was thinking about passing the access token, which is encrypted and unique to sfs, and validate it using open graph actions on the server.

Ok. What is an "open graph action on the server"?

I assume sfs can create http requests? How "heavy" is this to validate the user sending an http request to Facebook?
Is there another way, maybe an easier one?

SFS doesn't deal with HTTP very much, Java does
In fact we ship a library called "Http Client" with SFS2X that can be used to call web services / pages.
http://hc.apache.org/httpclient-3.x/

It's a bit "heavy" in the sense that it will hold the Extension thread for some time. If you use SmartFoxServer 2.9 this won't be much of a concern since we have added auto-load balancing thread pools. The only "heaviness" is that the response to the client will take as long as the FB webservice takes to respond and validate the credentials.

For more details see here:
http://docs2x.smartfoxserver.com/Advanc ... extensions

hope it helps

[trueicecold]

Open graph action - going to a https url on facebook's domain, passing the auth token from the login operation so that it can provide the user data from that

Thanks for the HttpClient reference, is there a usage example to it? couldn't find it in the sfs page you put in your response

[Lapo]

See the first link in my previous post.
cheers

[trueicecold]

Hey Lapo,

So I've managed to perform fb call in the USER_LOGIN stage, and verify it against the database to get the chips count etc...
Since there is no user yet, I put the data retrieved from the database inside the session properties, and in the USER_JOIN_ZONE phase, I turn the session properties into user variables.

However, when the client (html5) gets the onLogin event, the user variables are {} (empty).
Does the onLogin fire after the login but before the user_join_zone phase, or after the user_join_zone as well? If so, how come my user variables are empty?

Thanks!

[Lapo]

hi,
it should work just fine.
When the client LOGIN event fires both server side events have completed their execution.

I would suggest to turn on the debug flag of the HTML5 API and watch the raw data received by the client. Let me know if you're seeing those variables.

thanks

[trueicecold]

Hey,

I found out what I was doing wrong. I used "user.setVariable" instead of sfsApi.setUserVariables, so it didn't fire the event to the client.

Took it from here:

http://forums.smartfoxserver.com/viewto ... ble#p71001

Thanks