Closed SamDecrock closed 12 years ago
Once you set the access token on the graph object, any modules that requires graph
should have that token set.
the graph-object only holds the latest access token:
Therefore you have to connect the access token to the current session.
doh! good point. I'm thinking that this should probably be added as middleware so that the request is always tied in with the session. Not sure when I'll be able to implement this. If you have time, go nuts!
Actually, instead of doing this:
graph.get("/me", req.session.access_token, function(err, data) {
console.log(data);
});
Just do:
graph
.setAccessToken(req.session.access_token)
.get(graph.get("/me", function(err, data) {
console.log(data);
});
just double checking here - is graph.setAccessToken() a synchronous call? aka will doing what you propose just above ALWAYS work without issue?
Yes,
Line 376 states:
exports.setAccessToken = function(token) {
accessToken = token;
return this;
};
So does it mean that using:
graph
.setAccessToken(req.session.access_token)
.get(graph.get("/me", function(err, data) {
console.log(data);
});
will resolve the problem of:
?
If one were to do this by accident:
graph.post(...)
we could be using some other user's access token and post to the wrong wall, right?
It looks like a serious issue, why does the global setAccessToken
even exist?
Initial concept was for the accestoken to be static, as in you're going to do a bunch of operations for a particular user token, since I was using Facebook's JS api as a basis. Probably not the best plan in hindsight. Either way, right now you can pass it on each individual request or have it set for all requests.
Hasn't been removed to not break backwards compatibility
Hi,
Love the work you've done here, but it's a bit tricky because we have to store the access_token in a session:
And everytime the browser does some action, we have to pull the access_token from the session and set
Could you add an option to the graph.get function so that we can pass the access_token directly. eg:
Thx
Edit: fyi, I'm using Express.js session support: http://expressjs.com/guide.html#session-support