Hi all!
For all of those who are familiar with PHP and are looking for a way of integrating Facebook login into their website, I have compiled together a simple way of doing so. Now, along with every website that has a user table in their database, every user should have a unique ID, and this includes Facebook. So, what we're going to do is use the Facebook API to get the current logged-in user's ID and check if a user has the matching ID in the database. For this example I'm using Facebook's PHP SDK v3 (https://github.com/facebook/facebook-php-sdk).
Now, first of all, to start using the SDK we need to do a few things.
Start by including the "facebook.php" file into your project.
PHP Code:
require_once('facebook.php');
Now we'll need to set a few configuration parameters using the application ID & the application secret (assuming you have a Facebook app set up; if not, visit https://developers.facebook.com/).
PHP Code:
$config = array(
    'appId' => 'APP_ID',
    'secret' => 'APP_SECRET',
    'allowSignedRequest' => false // optional but should be set to false for non-canvas apps
);
Now, create an instance of the Facebook class and pass along the configuration and grab the user details.
PHP Code:
$facebook = new Facebook($config);
$user_id = $facebook->getUser();
Next, we're going to want to check that the user was logged in, has given our application permission to view their details and we have the details.
PHP Code:
if($user_id){
    //We have a user! We'll leave this for later.
}else{
    //We don't have a user! We'll re-direct them to Facebook, get them to login and give us permission.
    $login_url = $facebook->getLoginUrl(array('scope' => 'publish_stream, email'));
    header("Location: " . $login_url);
    exit; //Stop here so nothing below runs after the redirect.
}
Once we have the user details, we can start to use their information! Congrats! You've passed the "hard" part.
Now, as an added measure, we're going to use a try-catch to make doubly sure we have a user.
In this example we'll also make a call to Facebook's Graph API and request some information.
PHP Code:
if($user_id){
    try{
        $user_profile = $facebook->api('/me','GET');
        /*
        $user_profile will contain some different information.
        The information of interest will be the user ID and probably the user's e-mail address
        $user_profile['id'], $user_profile['email']
        */
    }catch(FacebookApiException $e) {
        //Here we'll just get them to login again.
        $login_url = $facebook->getLoginUrl(array('scope' => 'publish_stream, email'));
        header("Location: " . $login_url);
        exit; //Stop here so nothing below runs after the redirect.
    }
}else{
    //Same else branch as before: redirect to the Facebook login URL.
}
Now, I'm going to go ahead and stop at this part of the tutorial.
Now that you have the user's ID and their e-mail address you can run a few checks against the database to see if the ID correlates with a user.
The way I have done this is inside the users table I have a column called "fb_id". Now, if the ID we have from Facebook isn't in our database, we know that the current logged-in user has not registered with us and we can go ahead and generate a username & password, use their e-mail and populate the "fb_id" column for that user and create them an account automatically (either e-mailing them their details or creating a one-time username change and getting them to change their password or perhaps neither).
If it turns out the user ID we got from Facebook matches a user in the database, we'll just go ahead and log them in like they entered the correct username & password (i.e. set a session or whatever you do).
If you feel I've missed something or you get an error, feel free to PM me or reply to this thread.
Thanks! :-)
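The database check described in the post, as an added example that is not part of the original post. It assumes PHP 7+, PDO with an in-memory SQLite database standing in for the real one, and a hypothetical users table and function names; only the "fb_id" column comes from the post.

```php
<?php
// Added example. Only the fb_id column comes from the post; the rest is assumed.
$db = new PDO('sqlite::memory:'); // stand-in for the site's real database
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE,
    email TEXT, password_hash TEXT NOT NULL, fb_id TEXT UNIQUE)');

// $profile is the array returned by $facebook->api('/me','GET').
function find_or_create_fb_user(PDO $db, array $profile)
{
    // Graph API user ids are numeric strings; reject anything else early.
    if (!isset($profile['id']) || !ctype_digit((string) $profile['id'])) {
        throw new InvalidArgumentException('Missing or malformed Facebook id');
    }
    $fbId = (string) $profile['id'];

    // Look up by fb_id only, with a bound parameter. The e-mail is stored
    // but never used to find an existing account.
    $find = $db->prepare('SELECT id FROM users WHERE fb_id = ?');
    $find->execute(array($fbId));
    $row = $find->fetch(PDO::FETCH_ASSOC);
    if ($row) {
        return (int) $row['id']; // returning user
    }

    // First visit: generated username and a random password nobody knows.
    $email = isset($profile['email']) ? $profile['email'] : null;
    $hash = password_hash(bin2hex(random_bytes(32)), PASSWORD_DEFAULT);
    $add = $db->prepare('INSERT INTO users (username, email, password_hash, fb_id)
        VALUES (?, ?, ?, ?)');
    $add->execute(array('fb_' . $fbId, $email, $hash, $fbId));
    return (int) $db->lastInsertId();
}

function log_in($localUserId)
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    session_regenerate_id(true); // new session id at login (anti-fixation)
    $_SESSION['user_id'] = $localUserId;
}

// Constructed sample profile, not real Facebook data.
$profile = array('id' => '100000000000001', 'email' => 'user@example.com');
$first = find_or_create_fb_user($db, $profile);  // creates the account
$second = find_or_create_fb_user($db, $profile); // finds the same account
log_in($second);
echo ($first === $second) ? "same account\n" : "mismatch\n";
```

The UNIQUE constraint on fb_id makes the database itself refuse a second account for the same Facebook ID if two first-time requests arrive at once.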