Using Attributes to Aid with Authorization
Decorating your Controller methods is a simple means of enforcing users are logged in and have authenticated your app.
[FacebookGraphApiFilter]
public ActionResult Index()
{
var facebookApi = new FacebookApi();
var currentUser = facebookApi.User.GetCurrentUser();
return View(currentUser);
}
[FacebookGraphApiFilter]
public ActionResult DynamicExample()
{
var facebookApi = new FacebookApi();
dynamic friends = facebookApi.GraphApi.MakeGraphRequest("me", "friends", new[] {"id", "name", "first_name", "last_name"});
return View(friends);
}
Attributes on Classes
You can also place the FacebookGraphApiFilter on an entire class if all methods are to be only accessed by authorized Facebook Users
[FacebookGraphApiFilter]
public class TestController : BaseController
{
public ActionResult Index()
{
var facebookApi = new FacebookApi();
var currentUser = facebookApi.User.GetCurrentUser();
return View(currentUser);
}
public ActionResult DynamicExample()
{
var facebookApi = new FacebookApi();
dynamic friends = facebookApi.GraphApi.MakeGraphRequest("me", "friends", new[] {"id", "name", "first_name", "last_name"});
return View(friends);
}
The FacebookGraphApiFilter uses your implementation of IFacebookCore to read in Facebook configuration details, you can supply them directly:
[FacebookGraphApiFilter(ApplicationId = "12345",ApplicationSecret = "12314")]
public class TestController : BaseController
{
public ActionResult Index()