From Facebook Developer Wiki

<fb:if-is-app-user>

 <fb:else>
  <fb:redirect url="http://www.facebook.com/login.php?v=1.0&api_key=[your_app_key]&next=[your_canvas_page_URL]&canvas="/>
 </fb:else>

</fb:if-is-app-user>

Contents 1 can't get user id before authorise 2 Post-Remove URL Question 3 require_login also requires authorization? 4 Bug in get_login_url + authorization?

[edit] can't get user id before authorise

I am really struggling to get this, did something change? get_loggedin_user doesn't work, get_canvas_user doesn't work and there's nothing in the fb_sig variables. The users do not have restrictions on the platform getting info. - 1584252793 04:34, 15 April 2009 (PDT)

If you could, please file a bug and include steps to help us reproduce the problem. Thanks, Pete (563683308 11:08, 15 April 2009 (PDT))

[edit] Post-Remove URL Question

Heres a question, what does Facebook actually send you when they 'ping' the Post-Remove URL? How do you know which user removed your app. Do you just call the API in the usual way, and it spits out user_id and the rest?

Thanks! Russ

The document claims that it's going to send fb_sig_user or fb_sig_canvas_user but it doesn't send either one even when I'm logged in, here's all it sends:

fb_sig_in_iframe=1 &fb_sig_locale=en_US &fb_sig_in_new_facebook=1 &fb_sig_time=1245964022.6559 &fb_sig_added=0 &fb_sig_api_key=<myapikey> &fb_sig_app_id=118654246410 &fb_sig=e682091afd396e817d433c66ff7196bc"

What's the deal??

How are you getting to your canvas page -- by typing the URL into the browser? If your account hasn't authorized the app, then you should still get the fb_sig_canvas_user param when you arrive at a canvas page from a Facebook URL (like a friend's profile, the app directory, etc). Does that help? Pete (563683308 11:59, 26 June 2009 (PDT))

[edit] require_login also requires authorization?

Hi, I was trying to make a pre-authorization page for instructions and briefs. But I would also like them to have logged in so I can show their friends in the app. Is there a way to just require login to facebook (or maybe just check if the user is logged in)?

Have you read Automatic Authentication? When a user who hasn't authorized your app visits your canvas page, we send you some user data, including the UID and the UIDs of the user's friends (unless the user has hidden his or her public profile listing).

Even though users_getLoggedInUser() says it's session option, it throws the require session exception.

users.getLoggedInUser says that a session key is required. Where does it say otherwise? Pete (563683308 17:15, 11 August 2009 (PDT))

[edit] Bug in get_login_url + authorization?

When I invoked get_login_url to make sure the user is logged into facebook, after the user logs in, even though the user did not click 'authorize', that user has authorized the application.

I assume facebook doesn't want this to happen~ since all the use does it logging in and all of a sudden he has authorized an application to access his information.

Now my app automatically authorize itself whenever I view the page. Is there some optimization on facebook such that, if I have authorized it before, even after I remove it the application will automatically authorize? Here is what I did: remove the app from 'Edit Applications' => refresh to make sure its gone => go to my application (isAppUser returns 1) => go back to 'Edit Application' and now my app is back!