I'm writing a Windows Phone App and am using the OAuth interface.
When I navigate to the auth url the first time it shows the login UI. Subsequent times I'm redirected directly to my facebook app page with showing the login UI. Presumably because the login is cached in a cookie or something. All good so far.
The problem comes in when I need to switch users. Is there a way to force the facebook oauth url to clear previous creds and show the login screen?
Thanks!
Log the user out of Facebook using the url below:
https://www.facebook.com/logout.php?access_token=ACCESS_TOKEN&confirm=1&next=REDIRECT
Now, in order to log a user out of Facebook you need to use this url:
"https://www.facebook.com/logout.php?next="+your_site_url_registered _on_fb+"&access_token="+accessToken
Related
I want to test the log-in flow for my website that uses Facebook auth.
Unfortunately, after the first time I log into my site with Facebook, I am never shown Facebook's auth window or flow again. I' just automatically logged in.
How can I remove my permission to a particular website so I am presented with Facebook's login flow again?
just remove your app from https://www.facebook.com/settings?tab=applications
afterwards it will ask for all permissions again.
I am integrating facebook login to my website. I want to store information of users who logins with facebook. After login another page should be loaded. How to call a function when user logins to the website?
While this will obviously depend on how you are actually logging in to facebook in the first place (using the PHP SDK, Javascript or whatever), if you are doing it correctly, you will be specifying a URL to go to upon successful login. All you need do is add a parameter to that url, and you will be able to detect that you logged in via facebook.
So your URL might be something like:
http://www.mysite.com/loginsuccess.php?source=fb
If you want further help can you outline how you are actually running the login process?
I am confused as to what does the facebook logoutUrl does in the facebook integration?
Does it destroy the current session?
Would session_destroy do the same thing?
Thanks!
When we are integrating facebook, on success of the login of a user, we need to create login session by using the user details provided from facebook and the logout is actually our application logout, not the facebook logout.
According to Facebook Doc:
This method returns a URL that, when clicked by the user, will log
them out of their Facebook session and then redirect them back to your
application.
It will also invalidate the user access token so that you will no longer be able to call any graph APIs against that user.
when we loggin, we get access token , after we logout , access token also get destroyed.
so we have to logout to maintain session management in our application.
I'm trying to write application for user login to website via Facebook. When user is logging in, he's redirected to http://www.facebook.com/dialog/oauth/?client_id=APP_ID&redirect_uri=REDIRECT_URL&state=STATE, then sees confirmation dialog to use permissions and all goes well. But then FB somehow remembers this application and never asks for permissions confirmation again when user opens this url. Is there any way to always show this dialog? I could do it in Twitter, but couldn't found the answer for Facebook.
If you really want this for some reason, uninstall the app from the user's account with a HTTP DELETE request to /USER_ID/permissions using your app access token.
The next time they come back they'll need to re-authorise the app.
Otherwise, no, there's no way that I'm aware of apart from the reauthentication flow to force the auth dialog to appear, but bear in mind that the reauthentication flow may prompt the user to re-enter their Facebook password even if they're already logged into Facebook, so it adds extra friction to the process
Instead of showing the Facebook OAuth dialog, you could also show the user a page on your application that has some information about the Facebook account that is going to be used (picture/name etc), to log into it. That way, if they like they can choose to log out and re-authenticate or continue knowing they have the right account.
I've created an app that works fine, however if the user has not authorized my app yet, they have to do the following (assuming they are in facebook AND logged in) -
go to my app
click login/authorize
popup with facebook permissions opens
accept in the popup
However I noticed with Zynga games like Mafia Wars 1/2, Farmville etc, when you go to the app, if it hasn't been authorized, it takes you straight to the permissions which is in a PAGE and not a popup, thereby eliminating one step. Also, the permissions dialog is full width, there is not app sidebar.
Does anyone know how I can duplicate this flow? It would be much easier to have users authorize within a facebook page rather than through a popup. How can I get permissions inside the page?
thanks in advance
Once user visit a Page tab with your application you can check if he is connected with your application by comparing Page ID with User ID in signed_requests, for unauthorized users ID's will be same. In that case you can start authentication flow by redirecting user's browser to "login url".
If you want it to be full page just do the redirect with JavaScript like this:
window.top.location = 'https://www.facebook.com/dialog/oauth?
client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=COMA_SEPARATED_PERMISSIONS'
If you using PHP you can construct Login URL by calling Facebook->getLoginUrl method.
Read the docs on Facebook authentication