Why does auth.login facebook JS SDK event fire on page load?

According to the FB.getLoginStatus Page:

auth.login

This event is fired when your app first notices the user (in other words, gets a session when it didn't already have a valid one).

auth.logout

This event is fired when your app notices that there is no longer a valid user (in other words, it had a session but can no longer validate the current user).

Essentially these events are fired by changes in the users session.

If you are using the lastest version of the JavaScript SDK the users session should be automatically maintained if you have the cookies parameter set to true, which should initialise the JavaScript SDK with the current user session (if available).

FB.init({
  appId: 'YOUR_APP_ID', 
  cookie: true, 
  xfbml: true,
  oauth: true
});

I too am having this problem although I have the cookie parameter set in my FB.init function. Using the Chrome Dev Tools I can see that a cookie has been created by the JS SDK, but the auth.login event fires on every page load regardless.

I'm redirecting to url.com?login when PHP kicks in to login the user into my application, or create a new account if it doesn't exist. After the login completes, PHP redirects to url.com again. At the moment this is causing an endless loop between the auth.login event firing and PHP redirecting back to the page.

At the moment I'm doing some checks in the JS to see if PHP has a logged in user or not before doing the redirect, but from reading the documentation, I shouldn't have to do this.

Has anyone else experienced this?

i have the same issue. Login is fired on every page load ... still unable to find a solution after playing around with it after hours on different machines with different browsers

There is already a bug entry in facebook: https://developers.facebook.com/bugs/478371735509917