Facebook Integration Backend

Question

What's going on:

I have a backend server where I have the information of each individual user. Twitter and Facebook authentication is a common way of letting the user access one's application nowadays, so it was decided that he/she should be able use those platforms + the classic way (email + password)

The question:

After an user as logged in using Facebook and I receive a call back stating that it was successfully (for example with the SDK):

- (void)sessionStateChanged:(FBSession *)session
                      state:(FBSessionState) state
                      error:(NSError *)error
{
    switch (state) {
        case FBSessionStateOpen:
            if (!error) {
                // We have a valid session
                NSLog(@"User session found");
            }
            break;
        case FBSessionStateClosed:
        case FBSessionStateClosedLoginFailed:
            [FBSession.activeSession closeAndClearTokenInformation];
            break;
        default:
            break;
    }

1. How is it possible to pass now the credentials to the server, in order to access our own endpoints?

2. How can the backend know that this specific user that is making a request is in fact authenticated (or registered) in your backend?

3. What role does the app we create on facebook side (https://developers.facebook.com/apps/) has in this?

Answer 1

1. You can get the OAuth token using FBSession.activeSession.accessToken
2. I assume you'll store the e-mails of all registered users. You can fetch info about the user using: -[FBRequestConnection startForMeWithCompletionHandler:]. This will return a FBGraphUser instance which contains email/name among other details.
3. Your FB app doesn't really play a big role in this process. The description of the app and icon will be shown when FB asks user for the permission. And if you publish anything on user's feed, a small icon is shown. You can link your FB app page to your website.