I am trying to authenticate users by logging in to their Facebook account. I am able to get an access token, which I save in my $_SESSION variable, and get the information I need. My problem is that when I go to Facebook and log in with a different account, the information that I get is from the first account. The application in this case is supposed to ask me to log in again (since I logged out of Facebook and logged in as a different user), but instead it does not and returns info about the first account. I guess my problem is that I store the token in my session, which is the same the next time, but how do I solve this?

use Facebook\FacebookSession;
use Facebook\FacebookRedirectLoginHelper;

$app_id = '...';
$app_secret = '....';
$redirect_url = '...';
FacebookSession::setDefaultApplication( $app_id, $app_secret );

// Define Facebook's login helper and redirect back to our page.
$helper = new FacebookRedirectLoginHelper( $redirect_url );

// Check to ensure our session was started correctly and the access token exists.
if ( isset( $_SESSION ) && isset( $_SESSION['fb_token'] ) ) {
    // Using the access token, create a new session.
    $session = new FacebookSession( $_SESSION['fb_token'] );
    // Determine if the defined session is indeed valid.
    if ( !$session->validate() ) {
        $session = null;
    }
}

// Check if an active session exists.
if ( !isset( $session ) || $session === null ) {
    // If no session exists, let's try to create one.
    $session = $helper->getSessionFromRedirect();
}

// Make sure we have a session started.
if ( isset( $session ) ) {
    // Save the session
    $_SESSION['fb_token'] = $session->getToken();
    // Create a new Facebook session using our token.
    $session = new FacebookSession( $session->getToken() );
    echo 'Connected to Facebook!';
} else {
    // Show login url
    echo '<a href="' . $helper->getLoginUrl( array( 'email', 'user_friends' ) ) . '">Login</a>';
}
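
One way to keep a cached token from outliving the account it was issued for, as an added example that is not part of the original post: store the Facebook user ID next to the token and discard both on the application's own logout or when the ID no longer matches. The function names, the `fb_user_id` key and the user-ID hint are assumptions; a plain array stands in for `$_SESSION`, and no SDK call is made.

```php
<?php
// Added example, not the asker's code. Token and user IDs are constructed values.

/** Store the token together with the Facebook user ID it was issued for. */
function rememberFacebookLogin(array &$store, string $token, string $userId): void
{
    $store['fb_token']   = $token;
    $store['fb_user_id'] = $userId;
}

/** Forget the cached login, e.g. from the application's own logout link. */
function forgetFacebookLogin(array &$store): void
{
    unset($store['fb_token'], $store['fb_user_id']);
}

/**
 * Return the cached token only if it was issued for the user who is present
 * now; otherwise drop it so the caller falls through to the login link.
 * $currentUserId is a hypothetical hint (for example, reported by client-side
 * code). A missing or wrong hint can only discard the cache, never grant access.
 */
function reusableToken(array &$store, ?string $currentUserId): ?string
{
    if (!isset($store['fb_token'], $store['fb_user_id'])) {
        return null;
    }
    if ($currentUserId === null || $store['fb_user_id'] !== $currentUserId) {
        forgetFacebookLogin($store);
        return null;
    }
    return $store['fb_token'];
}

// Constructed walk-through; $session stands in for $_SESSION.
$session = [];
rememberFacebookLogin($session, 'TOKEN_FOR_FIRST_ACCOUNT', '1001');
var_dump(reusableToken($session, '1001'));  // same account: token is reused
var_dump(reusableToken($session, '2002'));  // different account: cache dropped
var_dump(isset($session['fb_token']));      // nothing left to reuse

// A later, hint-less request must also start a fresh login.
var_dump(reusableToken($session, null));
```

In a real page, a `null` result from `reusableToken()` would take the place of the `isset( $_SESSION['fb_token'] )` branch failing, so the code falls through to `getSessionFromRedirect()` and the login link.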