Facebook sessions get invalidated all the time.
So, after signup, your app shouldn’t assume you’ll ever get another valid token from the Facebook SDK. In some cases, if you would like to stay the session alive, you would possibly need to prompt the user to authenticate with Facebook again.
To avoid a critical mistake I made, here’s the foremost important thing: Don’t ever block your app’s startup on third-party authentication.
Instead, you ought to implement your own session token strategy, and it should probably be made to resemble OAuth2. instead of extending sessions bypassing the first credentials to the backend, you ought to ask your backend for a replacement token employing a separate refresh token.
As a result, authentication flows with Facebook, Google, et al, should look something like this:
User hits “Login with Facebook”
Facebook SDK talks to the Facebook backend to urge a token
Your client gives your backend the token
Your backend validates the token against Facebook’s servers
Your backend issues a replacement authentication or session token
Your client saves your backend’s auth token: Now you’re logged in and may ask your own servers forever, or a minimum of during a way you understand.
Next, we will mention the way to keep the Facebook session alive within the client as long as possible.
Persisting Facebook “connectedness” across logins and devices
Once a user signs in with Facebook, she might check in with another service under an equivalent email address. Or a special user might “Connect” his account to Facebook later, which should associate his Facebook session together with his user account within the backend.
But when these guys check in on another device, or if they sign out and sign back in (without tapping “Login with Facebook”), the Facebook SDK within the client won’t realize their Facebook sessions anymore.
Additionally, the sole thanks to keeping sessions alive is to refresh them within the client; there’s no facility for doing this on the server.Visit-Facebook login
Places and Regions
The right thanks to implement Facebook login for your app.
Logging in with Facebook theoretically solves tons of problems for app developers.
