Create a Facebook app with Rails

In the beginning of this year I scored a programming gig for Wakoopa to spice up their Facebook app.

The original app was created in .NET by a third party and was buggy as hell. The goal was to recreate the app in Rails and have at least the same functionality.

Some befriended (PHP) developers warned me that facebook has some serious pitfalls so before I made an estimate for the project I bought a PDF called Developing Facebook Platform Applications with Rails from The Pragmatic Programmers and a PDF book from Peepcode.

Thanks to this PDF and the Facebooker plugin it was doable. I made the sample application as described in the PDF and so I had enough knowledge to create the WakoopaFacebook app. My advice: buy it!


Facebooker plugin

The data that has to be shown on the Facebook page comes from the Wakoopa API. This has to be converted to FBML markup to be compatible with Facebook. You also have the choice to work with iframes but FBML has some advanced features like automatic substitution of id’s to user names and userdetails.

A big plus also is that you don’t need to store all that data (it’s not permitted by facebook to store data longer than 24 hours), Facebook takes care of it. Also it takes the user’s privacy setting in consideration.

The Facebooker plugin provides a lot of things for you to make development a breeze. Session handling is automaticly provided by adding ensure_application_is_installed_by_facebook_user to the controller.

Facebook Caveats

The Facebook Wiki is a mess, so here are some tips that could save you some time. Also all requests from facebook are POST’s.

Session Keys

If the user hasn’t been to your application for a while (session timed out, 1 hour) or logged out (whichever comes first), the session_key becomes invalid. Costed me a few hours to find out, but you can get infinite session keys.

By asking the user for permission you can use offline_access, this will generate a infinite session key automaticly. (use

<%= fb_prompt_permission :offline_access, "May we publish on your feeds?" %>

to ask for access).

There is a difference between timelimited and infinite keys:

Infinite key:
   83d89fd715ac900df4783a68-741234111111
Temporary key with expiration:
   2.8dDnBR2FKc6yOeN2hHISRw__.86400.1232319600-741234111111

but I don’t know the exact scheme of this.

See Extended_permissions and Changes_to_Session_Keys for more details.

Updating the profile box/newsfeed

This can take a while (sometimes several seconds!) so make sure you don’t do that every request cycle. Put it in a separate process. Also publising to the newsfeed requires a session key, use the infinite session key to update the newsfeed if the user is not logged in.

Make your actions responsive

Facebook is very tight on timeouts, so if you’re not responsive enough the user will get a error message. Keep those controllers fast!

Comments are closed.