I'm having trouble detecting when a user has authenticated with FB, but then clicked 'cancel' when asked for permissions.
What's happening is:
1) Application loads and checks the login status... user is 'unknown'. Great.
2) User clicks "Sign in" button which calls FB.login() with permissions for birthdate and address. User is shown the FB login dialog, enters their credentials, and then is taken to the permissions dialog.
3) They decide to cancel. The dialog closes and returns a status of 'unknown'.
4) I refresh the page, status check runs again, user is now 'not_authorized'.
I'm assuming that this means the login portion at step 2 was successful because now I can even open another tab to FB and the user is logged in. This makes sense since the user was able to login and see the permissions dialog, but when they cancelled, why did they remain 'unknown' when in fact they are known by FB at that point?
I tried to add another getLoginStatus as follows:
var login = function(){
console.log('logging in user via FB...');
var dfr = $q.defer();
FB.login(function(response){
if(response.status == 'connected'){
console.log(' user is connected');
}
if(response.status == 'not_authorized'){
console.log(' user is not authorized');
}
if(response.status == 'unknown'){
console.log(' user is unknown');
// if user is unknown, check that they REALLY are unknown
FB.getLoginStatus(function(response){
console.log('status response', response);
});
}
status.fbUser = response.status;
dfr.resolve(response);
},{
scope: 'email,public_profile,user_birthday',
return_scopes: true
});
return dfr.promise;
};
... but that only tells me that FB still claims to not know the user. When you refresh the page, BAM! the initial login check says user is not_authorized. Just like children losing specialness as they grow into adults, when does a user go from unknown to not-so-unknown?
I was intending on redirecting the user to either a permissions explanation page, or a registration page or something, but only if they come back from the login process as 'not_authorized'. At least this tells me that FB knows the person, but they have not authorized my app with their account, so I can handle that separately to someone who is completely unknown.
How do I get it to return 'not_authorized' without having to refresh the page? Is the user, from an FB perspective, 'unknown' or 'not_authorized' at the point between steps 2 and 3?
This answer to another SO question leads me to consider subscribing to FB events to detect that change, but I would have thought that the closing dialog, the extra getLoginStatus() and any events would all say the same thing at this point. I'll have to try it out and report back.
This post is close, but deals with two users and the new one getting replaced with the old one. I'm only talking about one user who is changing state.
This post is also close, but the fix was to not already be authorized. I'm talking about an unknown user that becomes partially connected (i.e. not_authorized) during the login process, without requiring a page refresh.
There are a few more posts, but I'm hoping this makes enough sense to differentiate from those that I've already read.
