I am developing a Facebook application for mobile platforms. The mobile part is being developed with PhoneGap and the server side is Python / Django.
The mobile app should be able to query the Facebook API directly, and the server should also be able to query the Facebook API. So the user should be authenticated with both Facebook and the server (Django), and the server must have the user's Facebook authentication token.
What would be the best flow for authenticating users on both sides? Is it appropriate to authenticate on Facebook through the mobile app, then send the token to the server and create a regular session on the server?
I had a similar requirement: a jQuery Mobile app with a Ruby on Rails backend. In my case, I implemented Facebook authentication on the backend using omniauth; the backend retrieves the Facebook access token and sends it to the jQuery Mobile frontend. The frontend uses JSONP to retrieve the user's friend list. The advantage of this approach is that there is one point of authentication: Facebook at the backend.
You can find a demo of your app and the entire source code
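
For the flow the question proposes (the app logs in to Facebook and sends the token to the server), the server should confirm that the token was issued to its own app before creating a session. The sketch below is an added example, not code from the question or the answer: it checks the parsed JSON body of the Graph API `debug_token` endpoint, and the function name, app IDs and sample responses are constructed.

```python
import time

class TokenRejected(Exception):
    """The client-supplied Facebook token must not be used to create a session."""

def facebook_user_from_debug_token(payload, expected_app_id, required_scopes=(), now=None):
    """Check a parsed /debug_token response and return the Facebook user ID.

    The session is bound to the user ID Facebook reports, never to an ID
    the mobile client sends alongside the token.
    """
    now = time.time() if now is None else now
    data = payload.get("data") if isinstance(payload, dict) else None
    if not isinstance(data, dict):
        raise TokenRejected("malformed debug_token response")
    if data.get("is_valid") is not True:
        raise TokenRejected("Facebook reports the token as invalid")
    # A valid token issued to some other app must not log anyone in here.
    if str(data.get("app_id")) != str(expected_app_id):
        raise TokenRejected("token was issued to a different app")
    # Assumption: expires_at is a Unix timestamp, 0 for non-expiring tokens.
    expires_at = data.get("expires_at", 0)
    if expires_at and expires_at <= now:
        raise TokenRejected("token has expired")
    missing = set(required_scopes) - set(data.get("scopes", []))
    if missing:
        raise TokenRejected("missing scopes: " + ", ".join(sorted(missing)))
    user_id = data.get("user_id")
    if not user_id:
        raise TokenRejected("response carries no user_id")
    return str(user_id)

# Constructed sample responses (not real tokens, apps or users).
OUR_APP_ID = "111111111111111"
NOW = 1_700_000_000
GOOD = {"data": {"app_id": OUR_APP_ID, "is_valid": True, "user_id": "42",
                 "expires_at": NOW + 3600, "scopes": ["public_profile", "user_friends"]}}
OTHER_APP = {"data": dict(GOOD["data"], app_id="222222222222222")}
EXPIRED = {"data": dict(GOOD["data"], expires_at=NOW - 1)}

if __name__ == "__main__":
    print(facebook_user_from_debug_token(GOOD, OUR_APP_ID, ["user_friends"], now=NOW))
    for bad in (OTHER_APP, EXPIRED, {"error": {"message": "bad token"}}):
        try:
            facebook_user_from_debug_token(bad, OUR_APP_ID, now=NOW)
        except TokenRejected as exc:
            print("rejected:", exc)
```

In a Django view, the returned user ID would be mapped to a local user before the regular session is created; the `debug_token` request itself is made server-side with the app's own credentials.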