[ Facebook] – Facebook login 教學文

本篇是 Facebook login 教學文 因FB版本更新比較快，請以Facebook Develope文件為主。

補充： 2016-08-09 若fb使用者本身的mail未認證即取不到 email 的值，但user id 還是會回傳，神奇的是若有第二個fb使用者也是email未驗證的帳號登入 回傳的 user id 都會是同一個。

前置作業請參考以下網址：

http://www.hareion.tk/view/209

fb_login.php 登入頁面

<?php
session_start();
require_once('./Facebook/autoload.php');
$fb = new Facebook\Facebook([
'app_id' => '7390***********',//app_id
'app_secret' => '582d6**************',//app_安全碼
'default_graph_version' => 'v2.4',//預設版本
]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email', 'user_likes']; // 要取得的權限
$loginUrl = $helper->getLoginUrl('http://網址/login-callback.php', $permissions);//取得權限後要跳轉的頁面
if(isset($_SESSION['fb_access_token'])){
try {
// Returns a `Facebook\FacebookResponse` object
$response = $fb->get('/me?fields=id,name,email', $_SESSION['fb_access_token']);
//取得登入者的 id,name,email(若fb使用者本身的mail未認證即取不到此值，即便有取得該使用者的mail權限)
} catch(Facebook\Exceptions\FacebookResponseException $e) {
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
$user = $response->getGraphUser();
echo 'Hi ~ ' . $user['name'];
echo ' - 你已經登入了<br/>';
echo '<a href="fb_logout.php">Logout!</a>';
}else{
echo '<a href="' . $loginUrl . '">Log in with Facebook!</a>';
}
?>

login-callback.php //登入後的處理頁面

<?php
session_start();
require_once('./Facebook/autoload.php');
$fb = new Facebook\Facebook([
'app_id' => '7390***********',//app_id
'app_secret' => '582d6**************',//app_安全碼
'default_graph_version' => 'v2.4',//預設版本
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (! isset($accessToken)) {
if ($helper->getError()) {
header('HTTP/1.0 401 Unauthorized');
echo "Error: " . $helper->getError() . "\n";
echo "Error Code: " . $helper->getErrorCode() . "\n";
echo "Error Reason: " . $helper->getErrorReason() . "\n";
echo "Error Description: " . $helper->getErrorDescription() . "\n";
} else {
header('HTTP/1.0 400 Bad Request');
echo 'Bad request';
}
exit;
}
// Logged in
echo '<h3>Access Token</h3>';
var_dump($accessToken->getValue());//取得Token
// The OAuth 2.0 client handler helps us manage access tokens
$oAuth2Client = $fb->getOAuth2Client();
// Get the access token metadata from /debug_token
$tokenMetadata = $oAuth2Client->debugToken($accessToken);
echo '<h3>Metadata</h3>';
var_dump($tokenMetadata);
// Validation (these will throw FacebookSDKException's when they fail)
$tokenMetadata->validateAppId('7390***********');//app_id
// If you know the user ID this access token belongs to, you can validate it here
//$tokenMetadata->validateUserId('123');
$tokenMetadata->validateExpiration();
if (! $accessToken->isLongLived()) {
// Exchanges a short-lived access token for a long-lived one
try {
$accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);//取得長期Token
} catch (Facebook\Exceptions\FacebookSDKException $e) {
echo "<p>Error getting long-lived access token: " . $helper->getMessage() . "</p>\n\n";
exit;
}
echo '<h3>Long-lived</h3>';
var_dump($accessToken->getValue());
$ab=$accessToken->getValue();
}
$_SESSION['fb_access_token'] = (string) $accessToken; //將Token寫入session裡
// User is logged in with a long-lived access token.
// You can redirect them to a members-only page.
//header('Location: https://example.com/members.php');
?>

fb_logout.php 登出頁面

<?php session_start();
session_destroy();
Header("location:fb_login.php");
?>