[Facebooker-talk] profile_user facebook tabs

Matthew Beale mixonic at synitech.com
Fri Jan 30 15:49:42 EST 2009 

On Fri, 2009-01-30 at 13:54 -0500, Mike Mangino wrote:
> The profile_user is the person whose tab is being viewed, right? Not  
> the viewer? If so, it seems wrong to secure a session with that user.
> 

Nah, you need a session for someone :-).  It's better than no session at
all, and you have a chance to show some data about the hosting user.
It's just a change of perspective to keep in mind while you write
templates.

I've also gotten feedback from a large number of users who use the tab
for themselves anyway, it's weird but I try to keep a focus on both
possible audiences.

-- 
Matthew Beale :: 607 227 0871
Resume & Portfolio @ http://madhatted.com

> Mike
> 
> On Jan 30, 2009, at 10:58 AM, Matthew Beale wrote:
> 
> > Hi all,
> >
> > I use the following monkey-patch on facebooker- it secures a session
> > with fb_sig_profile_user for profile tabs.
> >
> > I can spec it out and add it to my fork:
> >
> > http://github.com/mixonic/facebooker/tree/master
> >
> > If secure_with_facebook_params feels like the right place for it.
> > Thoughts?  Thanks!
> >
> > -------------------------
> > module Facebooker
> >  module Rails
> >    module Controller
> >
> >      # Over write secure to handle profile_user and  
> > profile_session_key params
> >      #
> >      def secure_with_facebook_params!
> >        return unless request_comes_from_facebook?
> >
> >        if ['user', 'session_key'].all? {|element|  
> > facebook_params[element]}
> >          @facebook_session = new_facebook_session
> >          @facebook_session.secure_with! 
> > (facebook_params['session_key'], facebook_params['user'],  
> > facebook_params['expires'])
> >        elsif ['profile_user', 'profile_session_key'].all? {|element|  
> > facebook_params[element]}
> >          @facebook_session = new_facebook_session
> >          @facebook_session.secure_with! 
> > (facebook_params['profile_session_key'],  
> > facebook_params['profile_user'], facebook_params['expires'])
> >        end
> >        session[:facebook_session] = @facebook_session
> >      end
> >    end
> >  end
> > end
> > -----------------
> >
> > -- 
> > Matthew Beale :: 607 227 0871
> > Resume & Portfolio @ http://madhatted.com
> >
> > _______________________________________________
> > Facebooker-talk mailing list
> > Facebooker-talk at rubyforge.org
> > http://rubyforge.org/mailman/listinfo/facebooker-talk
> 
> --
> Mike Mangino
> http://www.elevatedrails.com
> 
> 
>

More information about the Facebooker-talk mailing list