On 01.12.2010, at 17:37, Jeremy Mikola wrote:
> I've put this off because we're not yet using Security component. In
> response to what Ben mentioned, the FB login process is very view-centric
> (and worse, OAuth-centric), so relying on the Javascript SDK is a quick win.
>
> There's no reason you can't rely on JS to handle the login/registration flow,
> and still create a provider. The Security component provider would just have
> to check for \Facebook::getUser(), which will return a FB UID if someone is
> connected. You can then resolve that FB UID to a database user.
>
> Presenting the Javascript SDK as a login option would be up to the developer,
> but it's outside the scope of the firewall in my opinion.
>
> I would suggest that if anyone implements the above, they consider
> contributing to:
>
> https://github.com/kriswallsmith/FacebookBundle
>
> It'd be more helpful to the community to build up an existing Facebook bundle
> (which already has some essentials for connecting the API) than end up with
> several competing ones.
I am not doen yet, but from initial testing things turned out to be quite easy.
I have both DB users as well as Facebook Users, but both have some data in the
DB. So I decided to just modify my UserRepository to handle the two cases. As
you can see I am injecting a Facebook PHP SDK instance which is already turned
into a service by KrisFacebookBundle. Not sure if this code is worth
contributing. Maybe once I have the subscription thing working, but its not yet
cler if the client will want that implemented for the launch or not.
class UserRepository extends BaseUserRepository
{
protected $facebook;
public function setFacebook($facebook)
{
$this->facebook = $facebook;
}
/**
* @see UserRepositoryInterface::findOneByUsername
*/
public function findOneByFbId($fbId)
{
return $this->findOneBy(array('facebookID' => $fbId));
}
/**
* Loads the user for the given username.
*
* This method must throw UsernameNotFoundException if the user is not
* found.
*
* @param string $username The username
* @return AccountInterface A user instance
* @throws UsernameNotFoundException if the user is not found
*/
public function loadUserByUsername($username)
{
if (empty($username)) {
if ($this->facebook->getSession()) {
$fbID = $this->facebook->getUser();
$em = $this->getEntityManager();
$user = $this->findOneByFbId($fbID);
if (!$user) {
$user = $this->createUserInstance();
$user->setPassword('');
$em->persist($user);
}
// TODO ideally we would subscribe to changes, so that we would
not have to do this if the user already exists
// TODO http://developers.facebook.com/docs/api/realtime
$user->setFBData($this->facebook->api('/me'));
// TODO validate the user
$em->flush();
}
} else {
$user = $this->findOneByUsername($username);
}
if (!$user) {
throw new UsernameNotFoundException(sprintf('The user "%s" does not
exist', $username));
}
return $user;
}
}
regards,
Lukas Kahwe Smith
[email protected]
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-devs?hl=en
