[Facebooker-talk] profile_user facebook tabs
Mike Mangino
mmangino at elevatedrails.com
Fri Jan 30 13:54:12 EST 2009
The profile_user is the person whose tab is being viewed, right? Not
the viewer? If so, it seems wrong to secure a session with that user.
Mike
On Jan 30, 2009, at 10:58 AM, Matthew Beale wrote:
> Hi all,
>
> I use the following monkey-patch on facebooker- it secures a session
> with fb_sig_profile_user for profile tabs.
>
> I can spec it out and add it to my fork:
>
> http://github.com/mixonic/facebooker/tree/master
>
> If secure_with_facebook_params feels like the right place for it.
> Thoughts? Thanks!
>
> -------------------------
> module Facebooker
> module Rails
> module Controller
>
> # Over write secure to handle profile_user and
> profile_session_key params
> #
> def secure_with_facebook_params!
> return unless request_comes_from_facebook?
>
> if ['user', 'session_key'].all? {|element|
> facebook_params[element]}
> @facebook_session = new_facebook_session
> @facebook_session.secure_with!
> (facebook_params['session_key'], facebook_params['user'],
> facebook_params['expires'])
> elsif ['profile_user', 'profile_session_key'].all? {|element|
> facebook_params[element]}
> @facebook_session = new_facebook_session
> @facebook_session.secure_with!
> (facebook_params['profile_session_key'],
> facebook_params['profile_user'], facebook_params['expires'])
> end
> session[:facebook_session] = @facebook_session
> end
> end
> end
> end
> -----------------
>
> --
> Matthew Beale :: 607 227 0871
> Resume & Portfolio @ http://madhatted.com
>
> _______________________________________________
> Facebooker-talk mailing list
> Facebooker-talk at rubyforge.org
> http://rubyforge.org/mailman/listinfo/facebooker-talk
--
Mike Mangino
http://www.elevatedrails.com
More information about the Facebooker-talk
mailing list