wildfalcon/facebook_cookie_app_controller.rb

## facebook_cookie_app_controller.rb
class ApplicationController < ActionController::Base
  protect_from_forgery

  helper_method :user_logged_in?, :current_user

  def user_logged_in?
    fb_info_signed?
  end

  def current_user
    @current_user ||= begin
      return nil unless fb_info && fb_info['uid']
      user = User.find_by_uid(fb_info["uid"])
      user = User.create!(fb_info.slice("uid", "access_token")) if user.nil?
      user.access_token = fb_info["access_token"]
      user.save
      user
    end
  end

  private
  def fb_info
    cookie = request.cookies["fbs_#{ENV['FB_APP_ID']}"]

    return nil if cookie.blank?

    cookie[1..-2].split('&').reduce({}) do |hash, val|
      key, val = val.split('=')
      hash[key] = val
      hash
    end
  end

  def fb_info_signed?
    return false if fb_info.nil?
    unhashed_sig = fb_info.keys.reject{|k| k=="sig"}.sort.reduce(""){|out,k| "#{out}#{k}=#{fb_info[k]}"}.to_s + ENV["FB_APP_SECRET"]

    hashed_sig = Digest::MD5.hexdigest(unhashed_sig)
    hashed_sig == fb_info["sig"]
  end

end

## facebook_user.rb
require 'net/https'

class User < ActiveRecord::Base

    after_create :pull_profile_from_facebook

    def profile_url(size = "square")
      "https://graph.facebook.com/#{uid}/picture?type=square"
    end

    private

    def pull_profile_from_facebook
      uri = URI.parse(URI.escape("https://graph.facebook.com/#{uid}?access_token=#{access_token}"))
      puts uri.request_uri

      http_session = Net::HTTP.new(uri.host, uri.port)
      http_session.use_ssl = true
      res = http_session.start { |http|
        http.get(uri.request_uri)
      }
      self.attributes = JSON.parse(res.body).slice("name", "email")
      self.save!
    end
end

## javascript_for_fb_login.html
<div id="fb-root"></div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script>
  FB.init({appId: '<%= ENV["FB_APP_ID"] %>', status: true, cookie: true, xfbml: true});
  FB.Event.subscribe('auth.sessionChange', function() {window.location.assign("/");});
</script>
	class ApplicationController < ActionController::Base
	protect_from_forgery

	helper_method :user_logged_in?, :current_user

	def user_logged_in?
	fb_info_signed?
	end

	def current_user
	@current_user \|\|= begin
	return nil unless fb_info && fb_info['uid']
	user = User.find_by_uid(fb_info["uid"])
	user = User.create!(fb_info.slice("uid", "access_token")) if user.nil?
	user.access_token = fb_info["access_token"]
	user.save
	user
	end
	end

	private
	def fb_info
	cookie = request.cookies["fbs_#{ENV['FB_APP_ID']}"]

	return nil if cookie.blank?

	cookie[1..-2].split('&').reduce({}) do \|hash, val\|
	key, val = val.split('=')
	hash[key] = val
	hash
	end
	end

	def fb_info_signed?
	return false if fb_info.nil?
	unhashed_sig = fb_info.keys.reject{\|k\| k=="sig"}.sort.reduce(""){\|out,k\| "#{out}#{k}=#{fb_info[k]}"}.to_s + ENV["FB_APP_SECRET"]

	hashed_sig = Digest::MD5.hexdigest(unhashed_sig)
	hashed_sig == fb_info["sig"]
	end

	end
	require 'net/https'

	class User < ActiveRecord::Base

	after_create :pull_profile_from_facebook

	def profile_url(size = "square")
	"https://graph.facebook.com/#{uid}/picture?type=square"
	end

	private

	def pull_profile_from_facebook
	uri = URI.parse(URI.escape("https://graph.facebook.com/#{uid}?access_token=#{access_token}"))
	puts uri.request_uri

	http_session = Net::HTTP.new(uri.host, uri.port)
	http_session.use_ssl = true
	res = http_session.start { \|http\|
	http.get(uri.request_uri)
	}
	self.attributes = JSON.parse(res.body).slice("name", "email")
	self.save!
	end
	end
	<div id="fb-root"></div>
	<script src="http://connect.facebook.net/en_US/all.js"></script>
	<script>
	FB.init({appId: '<%= ENV["FB_APP_ID"] %>', status: true, cookie: true, xfbml: true});
	FB.Event.subscribe('auth.sessionChange', function() {window.location.assign("/");});
	</script>