How to detect user logging out of Facebook after logging into my app?

Question

My application uses Facebook authentication:

FB.init({

    appId: config.fbAppId,
    status: true,
    cookie: true,
//  xfbml: true,
//  channelURL : 'http://WWW.MYDOMAIN.COM/channel.html', // TODO
    oauth  : true

});

// later...

FB.login(function(response)
{
    console.log(response);
    console.log("authId: " + response.authResponse.userID);
    gameSwf.setLoginFacebook(response.authResponse.accessToken);
}, {scope:'email,publish_actions,read_friendlists'});

And when using it, people can post to their wall:

var obj = {
      method: 'feed',
      link: linkUrl,
      picture: pictureUrl,
      name: title,
      caption: "",
      description: message
    };

    function callback(response) {
      // console.log("Post on wall: " + response);
    }

    FB.ui(obj, callback);

This works fine, but there is one little hickup. If people:

1. Log in on the app.
2. Log out of Facebook.
3. Attempt to make a wall post from the app.

The opening of the wall post dialog fails. The console says "Refused to display document because display forbidden by X-Frame-Options.".

Can I instead get Facebook to show a login prompt to the user. Or can I detect the error and tell the user that he's no longer logged in on Facebook?

Answer 1

Just recall getLoginStatus BUT forcing a roundtrip to Facebook. Look following code:

FB.getLoginStatus(function(response) {
  // some code
}, true);

Look the last parameter set to true to force the roundtrip.

From JS SDK documentation:

To improve the performance of your application, not every call to check the status of the user will result in request to Facebook's servers. Where possible, the response is cached. The first time in the current browser session that FB.getLoginStatus is called, or the JS SDK is init'd with status: true, the response object will be cached by the SDK. Subsequent calls to FB.getLoginStatus will return data from this cached response.

This can cause problems where the user has logged into (or out of) Facebook since the last full session lookup, or if the user has removed your application in their account settings.

To get around this, you call FB.getLoginStatus with the second parameter set to true to force a roundtrip to Facebook - effectively refreshing the cache of the response object. (http://developers.facebook.com/docs/reference/javascript/FB.getLoginStatus/)

Answer 2

What you could try and use is the FB.getLoginStatus where if the user is connected this would allow them to complete the wall post. If they aren't connected then call the FB.login method before they can post on the wall.

FB.getLoginStatus(function(response) {
    if (response.status === 'connected') {
        // the user is logged in and has authenticated your
        // app, and response.authResponse supplies
        // the user's ID, a valid access token, a signed
        // request, and the time the access token 
        // and signed request each expire
        var uid = response.authResponse.userID;
        var accessToken = response.authResponse.accessToken;
    } else if (response.status === 'not_authorized') {
        // the user is logged in to Facebook, 
        // but has not authenticated your app
    } else {
        // the user isn't logged in to Facebook.
    }
});

http://developers.facebook.com/docs/reference/javascript/FB.getLoginStatus/

There are also the events for login and logout that you can watch for and do something with those responses.

FB.Event.subscribe('auth.login', function(response) {
    // do something with response
});

FB.Event.subscribe('auth.logout', function(response) {
    // do something with response
});

http://developers.facebook.com/docs/reference/javascript/FB.Event.subscribe/