Example: Facebook Authentication and the Graph API
The Facebook example is structurally very similar to the Twitter
example we just saw. Facebook has two different API standards, the
original REST API and the Facebook Graph API. While both are currently
supported, the Graph API is the recommended way to develop new Facebook
applications. Tornado supports both APIs in the auth
module, but we will focus on the Graph API
in this example.
In order to prepare for this example, you will need to sign in to Facebook’s developer site and create a new application. You will be asked to name your application and asked to prove you are not a robot. In order to authorize users from your own domain, you will need to specify your application’s domain name. Then click the “Website” box under the “Select how your app integrates with Facebook” heading. You will need to enter your site’s URL here as well. For a more complete guide to setting up a Facebook app, the developer guides are a good start: https://developers.facebook.com/docs/guides/web/.
Once your application is set up, you will use the application ID and secret provided in the Basic Settings page to connect to the Facebook Graph API.
Recall from the previous section that the single sign-on workflow will direct a user to the Facebook platform to authorize the application, and Facebook will use an HTTP redirect to send the user back to your server with an authorization code. Once you receive the request with the code, you must request the authorization ...
Get Introduction to Tornado now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.