November 16, 2013
I've been having a problem with Facebook this week. It's that kind of bug that makes you crazy. You don't know if the problem lies in the code that you think works or package that you know works. I've created a wrapper library for Facebook PHP SDK, called Laravel Facebook (previously Laravel Social). Hence, I initially thought I had did something wrong, so I dumped it from my project then used the SDK plainly.
After using the Facebook PHP SDK in my project, other people have been finding it unreliable to log in the website through Facebook. All that I can say was, "it works for me." Whenever they try to log in, they just get redirected back to the
redirect_uri without errors.
At first, I thought that this could possibly be some session issue with Facebook and Laravel. But trying to isolate the problem further, I found out that the system had been receiving
state parameters from Facebook. Logging in manually, this is what you would use without the SDK. However, given the straightforward example of the SDK, this should already be handled by it.
Thank you, phwd! I had wasted around half a day of Google-ing for "facebook code/state redirect" that I mindlesly wandered of to his answer to a seemingly unrelated question. Surprisingly for me, I realized that the SDK required that
getLoginUrl() to be called since it will establish a CSRF token for use with the
state parameters. On the other hand, my production configuration was set to cache my output. This meant that
getLoginUrl() could never be called when serving the cached output.
Simply fixed the bug by disabling the cache. #phew
Laravel Facebook is a package that I created for practice with Laravel and use with projects.