Facebook Developers

reggieband · 2008-10-21 10:59:58

Hi all,

I'm playing around with facebook connect using Google App Engine and when I took a look inside the current python API I noticed the session management doesn't conform to the Connect API for authentication as seen here:
http://wiki.developers.facebook.com/ind … nect_Sites

I'm using the Python API from here:
http://wiki.developers.facebook.com/index.php/Python

Does anybody have up-to-date API's for using facebook connect with Python?

Thanks,
James.

reggieband · 2008-10-21 15:07:41

I've pulled together a couple of functions that seem to do the trick for authentication:

Code:

    def check_connect_session(self, request):
        """
        For use in a facebook Connect application running in Google App Engine
        Takes a Google App Engine Request
        http://code.google.com/appengine/docs/webapp/requestclass.html
        and determines if the current user has a valid session
        """

        # our session is stored in cookies - validate them
        params = self.validate_cookie(request.cookies)
        
        if not params:
            return False

        if params.get('expires'):
            self.session_key_expires = int(params['expires'])

        if 'session_key' in params and 'user' in params:
            self.session_key = params['session_key']
            self.uid = params['user']
        else:
            return False

        return True


    def validate_cookie(self, cookies):
        """
        Validates parameters passed to a Facebook connect app through cookies

        """
        # check for the hashed secret
        if self.api_key not in cookies:
            return None

        # create a dict of the elements that start with the api_key
        # the resultant dict removes the self.api_key from the beginning
        args = dict([(key[len(self.api_key) + 1:], value) 
                        for key, value in cookies.items() 
                        if key.startswith(self.api_key + "_")])

        # check the hashes match before returning them
        if self._hash_args(args) == cookies[self.api_key]:
            return args

        return None

I make no guarantee that they do exactly the right thing (since the docs aren't exactly specs) but so far they work for me. I use them like so:

Code:

class MainPage(webapp.RequestHandler):
    def post(self):
        self.get()

    def get(self):

        facebookapi = Facebook(API_KEY, SECRET);

        if not facebookapi.check_connect_session(self.request):
            path = os.path.join(os.path.dirname(__file__), 'templates/login.html')
            self.response.out.write(template.render(path, {'apikey': API_KEY}))
            return

        user = facebookapi.users.getInfo( 
            [facebookapi.uid], 
            ['uid', 'name', 'birthday', 'relationship_status'])[0]

        template_values = {
            'name': user['name'],
            'birthday': user['birthday'],
            'relationship_status': user['relationship_status'],
            'uid': user['uid'],
            'apikey': API_KEY
          }

        path = os.path.join(os.path.dirname(__file__), 'templates/index.html')
        self.response.out.write(template.render(path, template_values))

I wouldn't mind having this merged into the pyfacebook trunk so I don't have to worry about an update overwriting my changes. Any chance a dev can look over this, clean it up and add it?

Thanks,
James

bokrampf · 2009-01-20 22:39:38

James,

Implemented this and it works great! i'll try to take a closer look and give you some input soon.

Thanks
Gee

bokrampf · 2009-02-01 19:43:47

Hi James, all,

Using the methods above I was able to get offline_access from the user, and then subsequently get and save their infinite session keys (so I can make calls like publishUserAction when they're not online). I have an iPhone app out where we want to post user actions to their feeds, so this is especially handy since there's no live session.

Write-up here:
http://blog.geehsien.com/2009/02/01/get … ermission/

Thanks
Gee
www.rotzy.com

Facebook Platform Team · 2009-02-03 13:12:03

Nice write-ups. Very helpful.

(*topic stickied by admin*)

Eldhrawy · 2009-03-26 03:31:36

Thank you reggieband

thorney · 2009-06-25 00:14:59

Hi James,
Thanks for this.
Shouldn't the check_connect_session function return false if the session has expired instead of just setting the value of when it expires with?

Code:

self.session_key_expires = int(params['expires'])

Or should this be done somewhere else? I'm just getting started with python + appengine + facebook. After having a valid session then logging out it seems that this code falls down.

Cheers!

Last edited by thorney (2009-06-25 00:20:18)

Tomski · 2009-08-17 09:01:59

Thanks for this I'm still having a few issues though I will crack on and try to resolve them you lot make this look too easy.

Facebook Developers

Forums

#1 2008-10-21 10:59:58

Python authentication API (Google App Engine)

#2 2008-10-21 15:07:41

Re: Python authentication API (Google App Engine)

Code:

Code:

#3 2009-01-20 22:39:38

Re: Python authentication API (Google App Engine)

#4 2009-02-01 19:43:47

Re: Python authentication API (Google App Engine)

#5 2009-02-03 13:12:03

Re: Python authentication API (Google App Engine)

#6 2009-03-26 03:31:36

Re: Python authentication API (Google App Engine)

#7 2009-06-25 00:14:59

Re: Python authentication API (Google App Engine)

Code:

#8 2009-08-17 09:01:59

Re: Python authentication API (Google App Engine)

Board footer