如何在不显示授权对话框的情况下检测用户之前是否授权了选项卡式应用程序的权限?
如何检测用户之前是否授权了选项卡应用程序,而不向用户显示授权对话框?这是一个用户体验问题。我们不想在没有号召性用语的情况下让用户进入授权对话框,但如果用户之前授权了应用程序,我们也不希望显示号召性用语来登录用户。
这是场景。选项卡应用程序托管在具有多个其他应用程序的页面上。 在 Facebook 中,“赞”按钮在选项卡级别上不起作用,而是在页面级别上起作用,因此用户可能在没有看到当前应用程序的情况下就喜欢了其他应用程序。因此,如果有任何“赞”按钮, “gate”用在选项卡应用程序的登陆页面上,并且需要授权才能使用该应用程序,那么当我们登录用户时,用户将立即显示授权屏幕,而无需采取行动,除非我们可以检测到用户之前已授权此应用程序。
How can you detect if a user previously authorized a tab application, without showing the user an authorization dialog? This is a user experience concern. We don't want to throw the user at an authorization dialog without a call-to-action, but we don't want a call to action to be shown to log the user in if the user previously authorized the app.
Here's the scenario. A tab application is hosted on a page that has several other applications. In Facebook, the 'Like' button does not work at the tab level but on a page level, so a user may have liked a different application without having seen the current application. Therefore, if any 'Like gate' is used on the landing page of a tab application, and authorization is required to use the app, then when we log the user in the user will be immediately shown the authorization screen without a call to action, unless we can detect that the user previously authorized this application.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您可以使用 javascript SDK 并检查登录状态以查看他们是否已授权您的应用程序。如果有,您可以使用 javascript 重定向到其他地方或拨打您需要的电话。如果他们没有,您可以在页面上显示号召性用语。类似于:
但这只会告诉您他们当前是否已登录并通过您的应用程序进行身份验证。您能够判断这是回访用户还是全新用户的唯一方法是,Facebook 是否像 ifaour 提到的那样通过signed_request 中的 userId 发送(然后您可以使用您的应用程序访问令牌调用 /userId/permissions 或查找在您的数据库中),但 Facebook 很可能不会发送 userId,因为您的用户可能没有使用您的个人选项卡应用程序进行身份验证,而是使用不同的共享应用程序密钥进行身份验证。
You could use the javascript SDK and check the login status to see if they have authorized your application. If they have, you could redirect with javascript elsewhere or make the calls you need. If they haven't you could then show the call to action on your page. Something like:
But this will only tell if you if they are currently logged in and authenticated with your application or not. The only way you would be able to tell if this is a returning user vs a brand new user is if Facebook sent over the userId in the signed_request like ifaour mentioned (then you could call /userId/permissions with your app access token or look up in your database), but Facebook most likely won't send the userId since your users probably aren't authenticating with your individual tab application but a different shared application key.
那么,当用户授权您的应用程序时,Facebook 才会仅在
signed_request中发送用户 ID。因此,只要缺少该信息,就意味着用户尚未授权您的应用程序,即显示身份验证对话框(或重定向到身份验证屏幕)!有关此内容的更多信息,请参阅页面选项卡教程:
Well Facebook will send the user id in the
signed_requestonly when the user authorize your application. So as long as that piece of information is missing then this means the user didn't authorize your application yet i.e. show the auth dialog (or redirect to auth screen)!More about this in the Page Tab Tutorial: