Session key

Feb 20, 2009 at 10:40 AM
Edited Feb 20, 2009 at 10:43 AM
Hi experts

I developed a Facebook web-application using the Developer Toolkit and Master FBML pages.

here is a link to my app:

When I add the app everything goes fine. But after a while I log on Facebook, open my application, then I get directed to

the server directory that hosts my application. I think it has something to do with Session key expires after 1 hour.

I read on the developer pages wiki that Facebook wants you to store the most recent session key for every user of your app and renew it from the old one.

Has someone figured out how to do that? If you have please let me know and outline the solution.

Thanks in advance.

This is how my Master page looks like:

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using facebook;
using facebook.web;
using facebook.Components;
using System.Xml.Linq;

namespace Lejebolig
    public partial class MasterPage : CanvasFBMLMasterPage
        private facebook.Components.FacebookService mFacebookService = new FacebookService();

        public facebook.Components.FacebookService FacebookService
                return this.mFacebookService;
                this.mFacebookService = value;

        // Overrides PreRender in the master page class
        protected override void OnPreRender(EventArgs e)

        protected void Page_PreInit(object sender, EventArgs e)
            base.RequireLogin = true;

        protected void Page_Load(object sender, EventArgs e)
            string SessionKey;
            string TokenAuthentication;
            long UserId;

            SessionKey = String.Empty;
            TokenAuthentication = String.Empty;
            UserId = 0;

            // Set API key and secret for the FacebookService
            this.mFacebookService.ApplicationKey = Properties.Settings.Default.ApplicationKey;
            this.mFacebookService.Secret = Properties.Settings.Default.Secret;

            // Set up the IsDesktopApplication for the FacebookService
            this.mFacebookService.IsDesktopApplication = false;
            SessionKey = (string)Session[Properties.Settings.Default.FacebookSessionKey];

            if (Session[Properties.Settings.Default.FacebookUserId] != null)
                UserId = (long)Session[Properties.Settings.Default.FacebookUserId];
            // When the user uses the Facebook login page, the redirect back here
            // will have the auth_token in the query string
            TokenAuthentication = (string)Request.QueryString[Properties.Settings.Default.AuthToken];

            // We have already established a session on behalf of this user
            if (!String.IsNullOrEmpty(SessionKey))
                this.mFacebookService.SessionKey = SessionKey;
                this.mFacebookService.uid = UserId;
            // If not, check if we have auth_token in the query params.
            // If we do, it means we just got called from the Facebook login page.
            else if (!String.IsNullOrEmpty(TokenAuthentication))
                Session[Properties.Settings.Default.FacebookSessionKey] = this.mFacebookService.SessionKey;
                Session[Properties.Settings.Default.FacebookUserId] = this.mFacebookService.uid;
                Session[Properties.Settings.Default.FacebookSessionExpires] = FacebookService.SessionExpires;
            // If neither, we need to redirect the user to the Facebook hosted login page
                Response.Write("<fb:redirect url=\"" + this.mFacebookService.ApplicationKey + "&v=1.0\"/>");