Creating an Infinite Session Key
Problem
The user sessions that are created when my users log in expire too quickly. Is there a way to create an infinite session?
Solution
There are two ways to do this:
If your users check the “Keep me logged into [Your App Name]” checkbox when logging into your app, their session with your app will go on forever and always.
You can give users the option of creating a special infinite key code for you by sending them to the URL http://www.facebook.com/code_gen.php?v=1.0&api_key=1234567890, where 1234567890 is your app’s API key (not your app’s ID, but rather the full API key). This will prompt them to generate a key, which they can then give your app and you can pass into the
Auth.getSession()
as anauth_token
. Thesession_key
you get back will survive beyond the sands of time.Note
Web-based Facebook apps used to be automatically granted infinite sessions but now need to manually create them (as of July 15, 2008), the same way that Desktop and Mobile apps have always had to.
Discussion
Infinite session keys are also useful when you have users
accessing your app from a third-party site or if you’re using a
cron
job to process things on a scheduled basis. There’s no way for you to programmatically create an infinite session without expressed consent from your users, which is really for the best. The second option listed in the Solution is the more awkward of the two, since it requires sending them off into a Facebook process that doesn’t automatically return ...
Get Facebook Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.