I’m using the following setup to first authenticate users, and then use the authentication information to process following requests.

from views.py

@canvas_only
def authenticate(request):
    request.session['access_token'] = request.facebook.graph.access_token
    return render(request, 'authenticated.html', {})

class Home(View):

    def get(self, request, *args, **kwargs):
        """The home to be called from within the application"""

        access_token = request.session['access_token']
        graph = facebook.GraphAPI(access_token)
        me = graph.get_object('me')
        request.session['my_id'] = me['id']
        template_data = _collect_home_data(graph)

        return render(request, 'home.html', template_data)

from urls.py:

urlpatterns = patterns('',
    url(r'^$', 'crosswords.ugly.views.authenticate'),
    url(r'^home/$', Home.as_view(), name='home'),

This mostly works (links within the app work fine now) but new users (who haven’t authorized the app) get the following error message:

An error occurred with Crosswords. Please try again later.

API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: Invalid redirect_uri: Given URL is not allowed by the Application configuration.

The app settings on facebook (canvas url, secure canvas url) both point to

http(s)://finebitstrings.pythonanywhere.com/

What can I do to get rid of that error?