session is never invalid until i close my browser

Mar 9, 2010 at 11:01 PM
Edited Mar 9, 2010 at 11:41 PM

Hello.  The api seems to always be using the cached session if it exists.  Is there a way to validate the cached session?  I have been looking all over the API and I just want to make sure the cached session is valid and then redirect to the login page if it's not valid.

I was reading another post, which stated that you should append sessionkey, userid and sessionexpires to all you links.  From what I'm seeing, the api just checkes whether the session key exists, no whether it is valid. 

 basically the session is never invalid until i close my browser, which is completely incorrect.

Thanks,

stringa

Mar 12, 2010 at 1:51 AM

I think you should take a close look at what information is available to you page from FB, both on the first page which you click through to your app, and then subsequent pages. The problem is that after following a relative link inside your application, there is no information by which to validate the cached session.

The reason some have suggested putting the sessionkey, userid & sessionexpires on your links is so you can handle some of this yourself, rather than relying on the way the toolkit handles it.

I actually think the toolkit takes the most reasonable approach ATM, given that people usually don't happen to an invalid session information unless they are jumping across web-browsers or removing your application halfway through using it!

 

Mar 12, 2010 at 7:17 AM

I wish you would clairfy a little more.  Can you throw me a bone?  I've been dealing with this problem on and off for about a month.  The problem is, that I just can't spend hours looking at this problem because I have so many other things.  Throwing me a hit at least gives me a place to start.

Mar 15, 2010 at 7:53 AM

Hi stringa,

I have posted some more details in the IFrame thread.

Cheers, Owen.