Simple Authentication for Symfony using Facebook Login

Following on from an earlier post, Facebook changed the way you authenticate with their site.

The steps to authenticate have not changed too much, and the only change is to part 4.

  1. Create a new Facebook application
  2. Add your website URL to it
  3. Add the Facebook Login link to your page
  4. Process the return visit from Facebook

1. Create a new Facebook application

Start off by creating a new Facebook app, if you do not already have one. Make a note of the App ID; we’ll need this later.

2. Add your website URL

Next, add your Site URL so that the social plugin will work: Facebook only allows you to process an authentication if the referrer URL matches the Site URL saved to the app.

3. Add the Facebook Login link to your page

Now we can add some code to the page.

<html>
 <head>
  <title>My Facebook Login Page</title>
 </head>
 <body>
  <a href="https://www.facebook.com/dialog/oauth?client_id=0000000000000&amp;redirect_uri=http://www.example.com/login.html">Login with Facebook</a>
 </body>
</html>

Replace 0000000000000 with your App ID in the above link. When the user clicks on the link, they will be taken to Facebook and asked to grant your application the permissions you have specified. If you have come from the wrong referrer URL then you will see an error message. If you’ve done the above correctly, the user will authenticate with their Facebook login details and be redirected back to http://www.example.com/login.html

4. Process the return visit from Facebook

Upon redirection back to your site, Facebook will include one of two things in the query string of the URL: error or code. These will either allow you to retrieve user details from Facebook’s Open Graph API or tell you what went wrong; normally the user decided not to log in.

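public function executeLogin(sfWebRequest $request)
{
        // Facebook sends ?error=... when the login was refused or failed
        if ($request->getParameter('error', false)) {
                $this->error_message = $request->getParameter('error');
                return sfView::ERROR;
        }

        $code = $request->getParameter('code', '');
        $facebook_config = sfConfig::get('app_facebook');

        // Exchange the code for an access token. Every value is URL-encoded,
        // because $code comes straight from the request.
        $url = sprintf('https://graph.facebook.com/oauth/access_token?client_id=%s&redirect_uri=%s&client_secret=%s&code=%s',
                urlencode($facebook_config['appId']), urlencode($facebook_config['redirect_url']),
                urlencode($facebook_config['appSecret']), urlencode($code));

        $url_data = file_get_contents($url);

        // file_get_contents() returns false if the request failed
        $fb_data = array();
        if ($url_data !== false) {
                parse_str($url_data, $fb_data);
        }

        if (array_key_exists('access_token', $fb_data)) {
                $url = sprintf('https://graph.facebook.com/me?access_token=%s', urlencode($fb_data['access_token']));
                $url_data = file_get_contents($url);

                // Only authenticate when the profile response decodes to an array
                $user_details = $url_data ? json_decode($url_data, true) : null;
                if (is_array($user_details)) {
                        $user = $this->getUser();
                        $user->parseFacebookData($user_details);
                        $user->setAuthenticated(true);
                }
        }
        // Replace module/action with the route to send the user to
        $this->redirect('module/action');
}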

I’ll leave the rest for you to do, but this should allow you to get the details for the user back from the graph API and authenticate the user.
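
The link in step 3 and the handler in step 4 do not tie the returned code to the browser session that started the login. The following added example (not code from the original post) shows one way to do that with the OAuth state parameter; the function names and the plain array standing in for the session are assumptions.

```php
<?php
// Added example: helper names and the session array are assumptions, not symfony or Facebook SDK APIs.

/** Build the login URL and remember a one-time state value in the session. */
function buildFacebookLoginUrl(array &$session, string $appId, string $redirectUri): string
{
    $session['fb_oauth_state'] = bin2hex(random_bytes(16)); // 128 bits from the CSPRNG

    return 'https://www.facebook.com/dialog/oauth?' . http_build_query([
        'client_id'    => $appId,
        'redirect_uri' => $redirectUri,   // http_build_query URL-encodes each value
        'state'        => $session['fb_oauth_state'],
    ]);
}

/** Validate the return visit; returns the code or throws if the request must be rejected. */
function verifyFacebookCallback(array &$session, array $query): string
{
    $expected = $session['fb_oauth_state'] ?? '';
    unset($session['fb_oauth_state']);    // single use, whatever the outcome

    $received = $query['state'] ?? '';
    if ($expected === '' || !is_string($received) || !hash_equals($expected, $received)) {
        throw new RuntimeException('state mismatch: this login was not started from this session');
    }
    if (isset($query['error'])) {
        throw new RuntimeException('login refused by user or provider');
    }
    $code = $query['code'] ?? '';
    if (!is_string($code) || $code === '') {
        throw new RuntimeException('missing code parameter');
    }
    return $code;
}

// Constructed walk-through: a plain array stands in for the user's session.
$session = [];
$url = buildFacebookLoginUrl($session, '0000000000000', 'http://www.example.com/login.html');
parse_str(parse_url($url, PHP_URL_QUERY), $sent);

// Return visit carrying the state this session issued.
echo verifyFacebookCallback($session, ['code' => 'constructed-code', 'state' => $sent['state']]), "\n";

// The same callback replayed: the state was consumed by the first call.
try {
    verifyFacebookCallback($session, ['code' => 'constructed-code', 'state' => $sent['state']]);
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

In a symfony action the array would be replaced by the user's session attributes, and the code returned by the check is what gets exchanged for the access token.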
