I'm curious how these systems work technologically. As I understand it you do the following as a user:
But, how does the 3rd party site talk to FB about who you are? I can understand how it could get the information it needs when you initially authorize the application, but how would it know afterwards? Here's a scenario:
A background ping using an IFrame is performed, and if the currently signed in account has already authorized the application, then the access token and user id are returned to the application. With this the application can decide what to do (usually, set a cookie and refresh the page so that the server can re-render the page knowing who you are based on the cookie that was just set). If you're curious, you can look at the Facebook implementation of the client side JS method called FB.getLoginStatus() here: http://github.com/facebook/connect-js/blob/master/src/core/auth.js#L117
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With