问题
In my ASP.NET MVC app, when I authenticate the user with OAuthWebSecurity, Facebook sends back an ExtraData which contains the access token. Initially I thought of storing this in the database, but it says in the FB docs:
You should also remove the stored access token.
...when logging the user out.
So the token should be handled as a session variable, but in ASP.NET MVC I don't have session variables (or there are ways, but it's not a good pattern). What is the best way to store the FB user acess token for the session duration?
Thanks
回答1:
What's wrong with using the session, and what do you mean by not having a session and "there are ways"? Controller has a Session property. Should be easy to store & retrieve your token in there.
来源:https://stackoverflow.com/questions/19883971/where-to-store-facebook-access-token-in-asp-net-mvc