I have the following code (taken from facebook-sdk appengine example):
class BaseHandler(webapp2.RequestHandler):
@property
def current_user(self):
if not hasattr(self, "_current_user"):
self._current_user = None
cookie = facebook.get_user_from_cookie(
self.request.cookies, FACEBOOK_APP_ID, FACEBOOK_APP_SECRET)
if cookie:
user = User.get_by_key_name(cookie["uid"])
if not user:
graph = facebook.GraphAPI(cookie["access_token"])
profile = graph.get_object("me")
user = User(key_name=str(profile["id"]), ...)
user.put()
elif user.access_token != cookie["access_token"]:
user.access_token = cookie["access_token"]
user.put()
self._current_user = user
return self._current_user
I have the exact problem described in Issue #23
The example from Google App Engine included with the project calls get_user_from_cookie on every request, which now sends a request to Facebook. The example should cache the returned access token so that this does not happen.
How can I solve this? One concern I have is if I store them on session, how will I know the access token is valid?
get_user_from_cookie calls facebook in order to get the access token, access token can be cached (using memache) for the duration of its expiration (you also get the expiration when calling facebook for the access token).
The follow of getting the access token should be: