Django

Facebook Integration in your Website

2022-07-20

This post explains how to integrate Facebook login into a website using Django. Uses of integrating Facebook login:

  • Instead of registration we use Facebook login, because Facebook login takes less time than registration.
  • We can get verified email IDs from Facebook.
  • Post user actions on user walls, pages, and groups.
  • Send invitations to the user's friends via the logged-in user.
  • Send requests from your app to the user.

The following steps are needed for integration.

  1. Creating Facebook app.
  2. Authenticating user and getting access token.
  3. Get user information using access token.
  4. Get user friends list.
  5. Get user pages.
  6. Get user groups.

1. Creating Facebook app: To create a Facebook app, click here and go to Apps at the top of the page. Click on Create New App. The resulting popup box will prompt you to enter 3 things: AppName, Namespace & category. After creating the app you will be provided with a dashboard; grab both the app ID and the app secret.

Complete all the fields in the Settings Basic tab. Click Add Platform at the bottom of the page and select Website. Enter a path where you will want to store your file (i.e. the redirect URL).

2. Authenticating user and getting access token: The authentication flow contains 3 steps.

  i. Generate a URL asking the user for permission.
  ii. Facebook returns the authentication code to the redirect URL.
  iii. Get the access token using the authentication code.

i. Generate a URL asking the user for permission:

GET https://graph.facebook.com/oauth/authorize?client_id={fb client id}&redirect_uri={redirect_uri}&scope={permissions separated with commas }
  • client_id = your app ID.
  • redirect_uri = the URL to which you want to redirect after user login. It must match the URL set in the app's website URL.
  • scope = list of permissions to request from the person using your app. To know more about permissions, click here.

Now go to the above URL; it redirects to a Facebook page that requests the permissions.

Here there are 2 cases, based on the user's response.

case 1: If the user doesn't accept the permissions and clicks the cancel button, then an error message is sent as the response to the redirect URL.

YOUR_REDIRECT_URI?error_reason=user_denied&error=access_denied&error_description=The+user+denied+your+request

case 2: If the user accepts the permissions, then the authentication code is sent to the redirect URL.

ii. Facebook returns the authentication code to the redirect URL: If the user accepts the permissions, then the authentication code is sent to the redirect URL. The response is shown below.

YOUR_REDIRECT_URI?code={authorization code}

iii. Get the access token using the authentication code:

POST https://graph.facebook.com/oauth/access_token?client_id={app-id}&redirect_uri={redirect-uri}&client_secret={app-secret}&code={code-parameter}
  • client_id = your app ID.
  • redirect_uri = the URL to which you want to redirect after user login. It must match the URL set in the app's website URL.
  • client_secret = your app secret.
  • code = the authorization code received above.

The response to the above request is shown below.

YOUR_REDIRECT_URI?access_token={access-token}&expires={seconds-til-expiration}
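
Steps i to iii above as plain Python helpers that a Django view could call, added here as an example and not code from the original post. It goes slightly beyond the text by adding OAuth's `state` parameter so the callback can be tied to the session that started the login; the function names, `LoginDenied` and all sample values are assumptions.

```python
import hmac
import secrets
from urllib.parse import urlencode, parse_qs

# Endpoints as given in this post.
AUTHORIZE_URL = "https://graph.facebook.com/oauth/authorize"
TOKEN_URL = "https://graph.facebook.com/oauth/access_token"


class LoginDenied(Exception):
    """Raised when the callback carries an error or fails the state check."""


def new_state():
    # Unguessable per-login value; store it in the user's session.
    return secrets.token_urlsafe(32)


def build_login_url(client_id, redirect_uri, scopes, state):
    # Step i: URL that asks the user for the listed permissions.
    query = {"client_id": client_id, "redirect_uri": redirect_uri,
             "scope": ",".join(scopes), "state": state}
    return AUTHORIZE_URL + "?" + urlencode(query)


def parse_callback(query_string, expected_state):
    # Step ii: handle both cases Facebook can send to the redirect URL.
    params = {k: v[0] for k, v in parse_qs(query_string).items()}
    if "error" in params:  # case 1: the user clicked cancel
        raise LoginDenied(params.get("error_reason", params["error"]))
    returned = params.get("state", "")
    # Constant-time comparison against the value saved in the session.
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise LoginDenied("state_mismatch")  # callback not tied to this session
    if "code" not in params:
        raise LoginDenied("missing_code")
    return params["code"]  # case 2: the authorization code


def build_token_request(client_id, client_secret, redirect_uri, code):
    # Step iii: parameters for the access-token exchange (server side only).
    # Never log this dict or expose it to the browser: it holds the app secret.
    return TOKEN_URL, {"client_id": client_id, "redirect_uri": redirect_uri,
                       "client_secret": client_secret, "code": code}
```

In a Django view, the state would be saved in `request.session` before redirecting and read back in the callback view before calling `parse_callback`.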

3. Get user information using access token:

GET https://graph.facebook.com/me?access_token={access token}

access_token = the token we got in the previous step. The response contains the user information. Note: If you have not specified any permissions, then the public profile is returned.

4. Get user friends list: Permissions needed: read_friendlists

GET https://graph.facebook.com/me/friendlists?access_token={access token}

The above request returns the list of friends, with the following information for each friend.

  • id = friend's Facebook ID.
  • name = name of the friend.
  • list_type = type of the friend; it is one of the values in the following list: [close_friends, acquaintances, restricted, user_created, education, work, current_city, family]
  • owner = owner of friend list id.

5. Get user pages list: Permissions needed: manage_pages

GET https://graph.facebook.com/me/accounts?access_token={access token}

The above request returns the list of pages of which the current user is an admin, with the following information for each page.

  • category = category of the page.
  • access_token = page access token that allows API calls on behalf of the page.
  • perms = an array of permissions that indicate the person's role with the Page and, therefore, what they are able to do with it.
  • id = ID of the page.
  • name = name of the page.

6. Get user groups list: Permissions needed: user_groups

GET https://graph.facebook.com/me/groups?access_token={access token}

The above request returns the list of groups of which the current user is an admin, with the following information for each group.

  • cover = list of cover photo URLs.
  • description = description of the group.
  • icon = group's icon URL.
  • id = group ID.
  • link = the URL of the group's website.
  • name = name of the group.
  • owner = the profile that created this group.
  • privacy = the privacy setting of the group: OPEN, CLOSED, or SECRET.
  • updated_time = the last time the group was updated.