Monday, March 30, 2009

Facebook Connect Login Logic


// this condition actually just looks at whether the "user" cookie is set, which seems to
// indicate that they will all be set; it doesn't do the signature verification yet
if( the FC cookies are set )
  if( there is a valid logged-in MP session )
    if( the Facebook user and MP user are linked in the database )
      // just continue loading the page; we haven't checked the FC cookie signature,
      // but that should be fine: the user has proven that they are the MP user by
      // having the session, and the link in the database proves that that user
      // was authenticated as the linked Facebook user at some point.
    else
      if( !the Facebook cookies signature checks out )
        // perhaps the cookies were tampered with; I don't worry too much about handling
        // this case nicely
        clear the FC cookies and redirect back to the front page
      else
        if( the MP user is linked to any Facebook user in the database )
          // this is a strange case that should be very rare; usually, the javascript will probably
          // prevent this; just switch the user to the Facebook user, since that puts us into a
          // known state and seems reasonable
          log the user out of MP
          log the user into MP as the user linked to the Facebook user
        else
          if( the Facebook user is linked to any MP user in the database )
            // perhaps the user apparently has two Facebook accounts? this redirects them to
            // a page that allows them to log out of Facebook only (and stay logged into MP)
            // or to log out of MP and log back in as the MP user linked to their Facebook
            // account; if they choose the first option, it forwards to a page that executes
            // this javascript:
            // FB.ensureInit ( function () { FB.Connect.logoutAndRedirect('/'); } );
            // The ensureInit() is important, since FB.init() runs asynchronously and method
            // calls that occur before it finishes won't run properly. Unfortunately,
            // logoutAndRedirect() shows the user a dialog box that says that they're logging
            // out of "this site and Facebook", which is not actually true, but I don't think
            // you can control that.
            redirect to a special page to handle this case
          else
            // automatically link the users (normally, this state will have been the result
            // of clicking the "connect accounts" link)
            link the MP user with the Facebook user in the database
            redirect the user to a page explaining the new account and asking them to select
                 a username
  else
    if( !the Facebook cookies signature checks out )
      clear the FC cookies and redirect back to the front page
    else
      if( the Facebook user is linked to any MP user in the database )
          // if the accounts are linked, then the user has already proven that the person
          // authenticated by Facebook is the same person with the MP account; this is
          // typically the result of the user clicking the "login with Facebook" link
          log the user into MP as the user linked to the Facebook user
      else
          // User probably just clicked "login with Facebook" and they don't already have an MP
          // account. Alternatively, I could have performed the automatic account creation in
          // response to a post to the Post-Authorize URL, but doing it here seems just as well,
          // and this way I don't have to remember in the database whether the user has had
          // a chance to change their username.
          create an MP account for the Facebook user
          call the Facebook API to get the user's real name, which is used as their initial username
                      (modify the username to avoid collisions with existing usernames)
          log the user into MP as the new user
          redirect to a page explaining what just happened and prompting them to change their
               username if desired
else
  // at this point, the user might be logged into MP or might not
  if( logged into MP and that user is linked to a Facebook user in the database )
    // this might be the result of stale cookies; when the user is connected to a Facebook user,
    // then they need to use Facebook authentication, so log them out and let them try again
    log the user out of MP

This is what a website has to do if it wants to use Facebook Connect to associate FB users with its own users. It's far from ideal, as you might guess even if you can't read pseudocode.
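As an added example (not code from this post or from the site it describes), here is a runnable Python version of the decision tree above, together with verification of the Facebook Connect cookie signature. The cookie layout and signing rule follow the legacy Facebook Connect scheme as Facebook documented it at the time: cookies named `<api_key>_user`, `<api_key>_session_key`, `<api_key>_expires` and `<api_key>_ss`, plus a cookie named `<api_key>` holding the md5 of the other values written as `name=value` pairs, sorted by name, followed by the application secret. Treat that scheme, the hypothetical API key and secret, the in-memory link table and the constructed name lookup (standing in for the Facebook API call) as assumptions. The example also rejects an expired session, which the pseudocode above does not check, and compares the signature in constant time. For the "MP user linked to a different Facebook user" branch it drops the MP session and re-runs the logged-out branch, which ends in the same "log in as the linked user" outcome the pseudocode describes while also covering the case where that Facebook user has no MP account yet.

```python
import hashlib
import hmac
import time

API_KEY = "abc123"        # hypothetical application key (not from the post)
APP_SECRET = "s3cr3t"     # hypothetical application secret (not from the post)

# Constructed stand-in for the Facebook API call that fetches a user's real name.
FB_NAMES = {"1001": "John Smith", "1002": "Jane Doe", "1003": "John Smith"}


def fc_signature(fields, secret):
    """Legacy FB Connect signature: md5 of sorted 'name=value' pairs + app secret."""
    payload = "".join(f"{k}={v}" for k, v in sorted(fields.items()))
    return hashlib.md5((payload + secret).encode()).hexdigest()


def make_cookies(fb_user, expires=0, secret=APP_SECRET):
    """Build the cookie jar Facebook's JS would set (expires=0 means no expiry)."""
    fields = {"user": fb_user, "session_key": f"sk-{fb_user}",
              "ss": "sessecret", "expires": str(expires)}
    jar = {f"{API_KEY}_{k}": v for k, v in fields.items()}
    jar[API_KEY] = fc_signature(fields, secret)
    return jar


def fc_cookies_present(cookies):
    return f"{API_KEY}_user" in cookies   # same shortcut as the post's first test


def verify_fc_cookies(cookies, secret=APP_SECRET, now=None):
    """Return the Facebook user id if the signature is valid and unexpired, else None."""
    prefix = f"{API_KEY}_"
    fields = {k[len(prefix):]: v for k, v in cookies.items() if k.startswith(prefix)}
    expected = fc_signature(fields, secret)
    if not hmac.compare_digest(expected, cookies.get(API_KEY, "")):
        return None
    expires = int(fields.get("expires", "0"))   # added check; the pseudocode omits it
    if expires and expires < (time.time() if now is None else now):
        return None
    return fields.get("user")


class LinkDb:
    """In-memory stand-in for the site's user and link tables."""
    def __init__(self):
        self.mp_to_fb, self.fb_to_mp, self.usernames = {}, {}, set()

    def link(self, mp_user, fb_user):
        self.mp_to_fb[mp_user] = fb_user
        self.fb_to_mp[fb_user] = mp_user

    def create_for_fb(self, fb_user):
        base = FB_NAMES[fb_user].lower().replace(" ", ".")
        name, n = base, 1
        while name in self.usernames:       # avoid collisions with existing usernames
            n += 1
            name = f"{base}{n}"
        self.usernames.add(name)
        self.link(name, fb_user)
        return name


def decide(cookies, mp_user, db, now=None):
    """Walk the post's decision tree; returns (action, MP user after the action)."""
    if not fc_cookies_present(cookies):
        if mp_user is not None and mp_user in db.mp_to_fb:
            return "logout_mp", None          # linked users must come through Facebook
        return "none", mp_user
    if mp_user is not None:
        if db.mp_to_fb.get(mp_user) == cookies[f"{API_KEY}_user"]:
            return "continue", mp_user        # signature deliberately not checked here
        fb_user = verify_fc_cookies(cookies, now=now)
        if fb_user is None:
            return "clear_cookies_redirect", mp_user
        if mp_user in db.mp_to_fb:
            # MP user is linked to some other FB user: drop the MP session and
            # handle the request as a plain Facebook login (assumption, see lead-in)
            return decide(cookies, None, db, now)
        if fb_user in db.fb_to_mp:
            return "conflict_page", mp_user   # FB user already linked to another MP user
        db.link(mp_user, fb_user)
        return "link_and_pick_username", mp_user
    fb_user = verify_fc_cookies(cookies, now=now)
    if fb_user is None:
        return "clear_cookies_redirect", None
    if fb_user in db.fb_to_mp:
        return "login_linked", db.fb_to_mp[fb_user]
    return "create_and_login", db.create_for_fb(fb_user)
```

Running the tree with a tampered signature cookie while the MP session and the claimed Facebook id are already linked yields "continue", which makes the shortcut in the first branch of the pseudocode visible; the same tampered jar without an MP session is rejected, and a jar whose `expires` lies in the past is rejected as well.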

Posted via web from CyberBilly
