StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POFacebook best practice for dual-authentication (client and server)?
primarykey
Id
7212366
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2011-08-27T03:27:21.870
FavoriteCount
1
LastActivityDate
2011-08-28T20:11:37.650
LastEditDate
2011-08-28T20:11:37.650
LastEditorUserId
915087
OwnerUserId
915087
ParentId
0
PostTypeId
1
Score
1
ViewCount
302
LastEditorDisplayName
text
Body
I have a hosted facebook app. I hold additional PHOTO-TAG info not stored at facebook. From a device, I allow the user to (1) upload a photo, and (2) store additional photo-tag info at my server (C# MVC) My requirements: 1. photo should go directly to fb. Don't want the user to lose it should my host go down. (I already do this). 2. additional tag info should be authenticated. [if it's not, anyone can save this info about any photo]. (I already save tag-info, but unauthorized in my sandbox) ? What's the best practice to: Ensure that when I get a tag-save-request at my server (with a saved photo id), I can verify the user for that photo. I can already do server-auth when FB users access my site from a desktop. I can already do client-auth when my device app connects/uploads the photo. (using 'code' then exchanging it for a token) But, when I pass the access-token from the client to my server, and I try to check it thru FB, I get an #804 (or 803) back about an auth-issue. Clearly not the way to do it. Should I make my device-client go thru my server with a redirect to auth and I capture/save/create some extra token? I'm only worried that I then wouldn't be able to upload directly to FB. Should I pass the code and exchange it for a token at the server (after already exchanging it at the client? can you do it more than once?) (I already know about <a href="http://developers.facebook.com/docs/authentication/" rel="nofollow">http://developers.facebook.com/docs/authentication/</a> but it doesn't (that I can see) address this scenario) Best solutions? Thanks.
Tags
<facebook><authentication><facebook-c#-sdk>
Title
Facebook best practice for dual-authentication (client and server)?
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USJim
UserOwnerUserId
1. USJim
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POFacebook best practice for dual-authentication (client and server)?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 POFacebook best practice for dual-authentication (client and server)?
 UserUserId
 USKarel Bílek
 VoteTypeVoteTypeId
 VTFavorite
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.