I built authorization to Ruby on Rails application using omniauth and facebook. Unfortunately after logout from facebook, user is still logged in to Rails app.
How do I know that user was logged out from facebook?
I can't send authorization request every time when I need to trigger some action.
Is it possible that facebook will send some request after user is logged out?
Or maybe there is some cookie that I can read and I will know that user was logged out from facebook?
You can trigger a logout in Facebook from your application using the Javascript SDK. You can also use FB.getLoginStatus to detect whether the user is logged in to your application.
That being said, these have to be enabled through the Javascript SDK which is completely separate from the OAuth 2.0 API and the way that OmniAuth connects to Facebook.
Related
Can an application check if anybody is logged into Facebook application in mobile ,if logged in get the user email Id from that and use it in their application?
To get a logged in users email address, you would have to authenticate with the API and the user would have to approve you using the Oauth workflow.
You can display a customized login / connect button using the Facebook API but if I recall correctly, that is an iframe that is embedded in your page, and you never see the email from that.
tldr; No. You need to authenticate using the Oauth workflow and have the user grant you permission.
First you have to authenticate user and then you can get logged in user profile information. For that you have to use Facebook API. Please check below link.
https://developers.facebook.com/docs/facebook-login/ios/v2.2
I have an ruby on rails application that uses devise and omniauth-twitter gem to handle user management and authenication. Users can only login through twitter. I already have the application authenticating, however I would like to allow users to write a tweet; and if they are not logged in, authenticate through twitter then have the tweet they wrote before the authentication post to twitter.
I was wondering what is the best way to go about doing that?
Can I capture a request if a user is not logged in, log them in, then preform the captured request?
Just not sure how to go about doing this.
Thanks.
I'm using the Facebook login with Koala for my RoR web application.
I'm using Clearance authentication, and when user logs in with Facebook I'm recognizing the site existing user or subscribing a new user.
I am having an issue with logging out:
I'm trying to logout of the site without logging out of Facebook.
As I understood from the FB API, I should use the url for logging out:
"https://www.facebook.com/logout.php?next=#{sign_in_url}&access_token=#{access_token}".
When directing to that URL it seems like cookies changed, but then on the sign_in page when getting to the parse facebook cookies part (for checking if user logged in to facebook), the
oauth.get_user_from_cookies(cookies)
returns:
OAuthException: Code was invalid or expired. The session is invalid because the user logged out
Like it deletes the whole session instead of just change the cookies...?
* I checked and the cookie fbsr_... still exists! shoudln't it be changed to fbs_...?!
I would appreciate help on this.
Thanks a lot!
Moozly.
I am currently using Devise+Omniauth on my Rails 3 app to authenticate users. My client saw this and doesn't like how omniauth redirects you away from the site. He wants something like on digg.com, which I believe uses facebook connect to authenticate (and opens in a popup instead of redirecting).
What are some arguements for my client to keep him using the Omniauth method? Why is it better than Facebook connect.
And failing that, are there any good resources for logging users in with a facebook connect popup window? Or really anything involving facebook and a popup.
Thanks!
OmniAuth supports login via the Facebook Javascript SDK, which works through a popup. You just need to include the right files. I don't remember all the details, but this should help:
https://github.com/intridea/omniauth/issues/120
User login my application with oauth, after logout my application but twitter can't do, problem is user twitter account is active.
when that logout my application at the same time logout twitter
twitter api not support this action?
No, the twitter API will not log your users out of twitter.
account/end_session only ends the current API Session. I'm working on an site that requires users to be able to log out and then log back in again with another twitter account. To do that, you have to store multiple access tokens per user and establish one as the current access token. More info in the link below.
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/02e44b27d7ba3661?pli=1
As far as signing out of twitter, it's up to the user to sign into twitter and sign out themselves, which is not ideal if working on a shared computer.
Twitter just closing the session at api ,not close the session on Twitter :)
You'll have to call account/end_session to end the session of the authenticated user on twitter.
Old thread agreed, I just integrated Twitter login in my android app using Fabric. I found the following method
com.twitter.sdk.android.Twitter.logOut
I guess they have implemented it now! I couldn't find any documentation, honestly I've not put too much time into it. But I think logout means what I think it means :)
Twitter does not have api for logout. You can use the session closing api to end the user session.
You can use oauth/authenticate or oauth/authorize and add "force_login=true" parameter. This will prompt the user with a login form.
view this thread