index.html.erb

<% fb_connect_async_js do %>
	<% unless current_facebook_user %>
		FB.login(function(response) {
			if (response.session) {
				// window.location.href = '#{request.url}';
				window.location.href = '<%= root_url %>';
			} else {
				// user cancelled login
			}
		}, {perms:'read_stream,offline_access,email,user_status,user_interests,user_location,user_online_presence'}); 
	<% end %>
<% end %>


<% if current_facebook_user %>
	
	<%= debug @user.friends %> <!-- in controller: @user = current_facebook_user.fetch -->
  <%= "Welcome #{@user.name}!" %>
	<%= fb_profile_pic(current_facebook_user) %>
  <%= fb_logout_link("Logout of fb", request.url) %><br />

	<table><!-- list friends -->
		<% for friend in @user.friends do %>
			<tr><td><%= fb_profile_pic(friend.id) %></td><td><%= friend.name %></td></tr>
		<% end %>
	</table>
	
<% else %>
	<h1>app not authorized.</h1>
  <%= fb_login_and_redirect('#{ root_url }', :perms => 'read_stream,offline_access,email,user_status,user_interests,user_location,user_online_presence') %>
<% end %>