Open krstns opened 9 years ago
:+1:
Until the pattern is fixed, it looks possible to create an appsecret_proof
signature for API calls and inject them into the parameters in 0.7.3 (not in npm though however)
var crypto = require('crypto'),
FB = require('fb');
function initParams(accessToken, clientSecret) {
var hmac = crypto.createHmac('sha256', clientSecret),
params = {};
hmac.update(accessToken);
params.access_token = accessToken;
params.appsecret_proof = hmac.digest('hex');
return params;
}
var args = initParams('access_token', 'client_secret');
FB.api('/me/accounts', 'get', args, function(response) {
// ... do something
} );
https://developers.facebook.com/docs/graph-api/securing-requests
1.1.0-alpha1
is ready for testing (use npm install fb@^1.1.0-alpha1
).
In the 1.1.0
release you can use FB.extend({appId: '...', appSecret: '...'})
to create a new FB instance with its own appId and secret.
Hello
We've got a single game server which is used to support multiple games on facebook. Is there any way we could specify multiple app id's and secretes?
Thanks Krystian