I want to be able to log in to a Flask-based server with Facebook authentication from a mobile application.

I understand that in mobile, a user logs into Facebook and is able to retrieve an access token that one can use to authenticate with the server as well.

I have found these two Flask examples:

https://github.com/mitsuhiko/flask-oauth/blob/master/example/facebook.py

https://github.com/litl/rauth/tree/master/examples/facebook

They are able to log in to Facebook and retrieve an access token as well. What else do I need to do to be able to send back a status code to the mobile application telling it that it has logged into my own server with Facebook?

Or am I thinking about this backwards somehow?

Paulius Dragunas

1 Answer

Just make sure that you are sending HTTP requests within the same session (iOS default behaviour), so after you send the token to the Flask server, the Flask server returns a response, like `{"status":"logged_in"}`, or with user data if you need it.
This response contains the login cookies, so all requests within the session are made as the logged-in user.

Whenever the user closes the application, you can probably lose the login, so you need to enable remember_token inside Flask and store it in your application for future sessions.

Eventually remember_token will become invalid and you won't be able to log in, so your application should re-request the access_token from Facebook and log in to the Flask server again.
I advise setting the remember_token expiration to 2 months, so it will match the expiration date of the access_token.

Tigra
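Before the server answers `{"status":"logged_in"}`, it has to confirm that the token the app sent was issued by Facebook for this app, since a token minted for any other app would otherwise log its holder in. An added example (not code from the posts above) of that check against the Graph API `debug_token` endpoint, using only the standard library; `APP_ID`, `APP_SECRET`, the function names and the `/login/facebook` route are assumptions, and `session` stands in for `flask.session`.

```python
import json
import time
import urllib.parse
import urllib.request

APP_ID = "000000000000000"             # placeholder: your Facebook app id
APP_SECRET = "app-secret-placeholder"  # placeholder: keep it server-side only

def fetch_debug_token(user_token):
    """Ask Facebook to describe a token, authenticating as our own app."""
    query = urllib.parse.urlencode({"input_token": user_token,
                                    "access_token": f"{APP_ID}|{APP_SECRET}"})
    url = "https://graph.facebook.com/debug_token?" + query
    with urllib.request.urlopen(url, timeout=5) as resp:
        return json.load(resp).get("data", {})

def check_token_data(data, now=None):
    """Return the Facebook user id, or raise ValueError with the reason."""
    now = time.time() if now is None else now
    if not data.get("is_valid"):
        raise ValueError("token is not valid")
    if str(data.get("app_id")) != APP_ID:
        raise ValueError("token was issued to a different app")
    expires_at = data.get("expires_at", 0)  # 0 is reported for non-expiring tokens
    if expires_at and expires_at <= now:
        raise ValueError("token has expired")
    if not data.get("user_id"):
        raise ValueError("token carries no user id")
    return str(data["user_id"])

def login_with_facebook(user_token, session, fetch=fetch_debug_token, now=None):
    """Body of a hypothetical POST /login/facebook view: (json_body, status)."""
    if not user_token:
        return {"status": "error", "reason": "missing access_token"}, 400
    try:
        user_id = check_token_data(fetch(user_token), now)
    except ValueError as exc:
        return {"status": "error", "reason": str(exc)}, 401
    except OSError:  # network failure while talking to Facebook
        return {"status": "error", "reason": "verification unavailable"}, 502
    session.clear()  # drop pre-login state so an old session id is not reused
    session["fb_user_id"] = user_id
    return {"status": "logged_in"}, 200
```

In a Flask view, pass `flask.session` as `session` and return `jsonify(body), status`; the mobile client should send the token over HTTPS in the request body, not in the URL.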