stateful_facebook_requests.rb

# The following is taken from our application_controller.rb

before_filter :handle_facebook_requests

# Ensure Facebook requests are stateful by overwriting the session method
def session
  if request_for_facebook? and !params[:_session_id].nil?
    # TODO: Confirm _session_id is associated with the proper ip address
    
    Rails.cache.fetch("sessions/#{params[:_session_id]}", :expires_in => 1.week) do
      session_hash = Hash.new
      request.session.each_pair do |key, value|
        session_hash[key.to_sym] = value
      end
      
      session_hash
    end
  else
    request.session
  end
end

# Facebook requests require cookie-less sessions, tag along the _session_id
def default_url_options(options = nil)
  if request_for_facebook?
    params[:_session_id] = request.session_options[:id] unless params[:_session_id]
    {:_session_id => params[:_session_id]}
  end
end

# Requests coming from Facebook are just different, okay?
def handle_facebook_request
  if request_for_facebook?
    coerce_into_fbml_or_fbjs
    require_login_for_facebook
  else
    ActionController::Base.asset_host = nil
  end
end