如何阻止Facebook SDK在$ facebook-> getUser()中返回uid
[英]how to stop facebook sdk from returning uid in $facebook->getUser()
问题描述
so I'm trying to program the Facebook logout feature for my site 
所以我正在尝试为我的网站编程Facebook注销功能
The thing is using the facebook logout button will instead logout the user from the Facebook website not from my website 事情是使用Facebook注销按钮,而是从Facebook网站而不是从我的网站注销用户
so my current logic is when the logout button is clicked, it instead calls my app's logout feature and session gets cleared etc 所以我当前的逻辑是单击注销按钮时,它调用了我应用程序的注销功能并且会话被清除等
but then I also have logic somewhere else in which if $facebook->getUser() returns the uid properly, fetch the user info from the db and set him as logged in 但是然后我在其他地方也有逻辑,如果$ facebook-> getUser()正确返回uid,则从数据库中获取用户信息并将其设置为已登录
is there a way to prevent $facebook->getUser() from returning the proper user id? 有没有办法防止$ facebook-> getUser()返回正确的用户ID?
IE when user clicks on the logout, he shouldn't be logged out of the actual facebook website, but also $facebook->getUser() should also not return a proper id so that he won't be automatically relogged in again IE,当用户单击注销时,不应从实际的Facebook网站注销,而且$ facebook-> getUser()也不应返回正确的ID,这样他就不会自动重新登录
2 个解决方案
解决方案1
0 2011-12-18 07:38:27
how facebook knows that user is logged out on your site ? Facebook如何知道该用户已退出您的网站? place a flag to local db indicating that user logged out. 在本地数据库上放置一个标志,指示该用户已注销。 check it after $facebook->getUser(). 在$ facebook-> getUser()之后检查它。
解决方案2
0 已采纳 2011-12-18 07:56:56
The thing to remember when working with the Facebook SDK is that when you authenticate, you are essentially logging in to Facebook & your website separately - you need to cater for this logic. 使用Facebook SDK时要记住的一点是,当您进行身份验证时,实际上是分别登录Facebook和您的网站-您需要满足这种逻辑。
Once signed in to Facebook, an authentication cookie is created (not a session). 登录到Facebook后,将创建身份验证cookie(而不是会话)。 You might be using sessions for your site authentication, but Facebook is using a cookie. 您可能正在使用会话进行站点身份验证,但是Facebook使用的是Cookie。
You need to call $facebook->destroySession(); 您需要调用$ facebook-> destroySession(); if you do not want the UID returned on subsequent calls. 如果您不希望在后续调用中返回UID。
Take a look at my CodeIgniter code, the *index.php/authenticate/kill_session* method calls the above destroySession(); 看一下我的CodeIgniter代码,* index.php / authenticate / kill_session *方法调用上面的destroySession(); method as well as clears my app session - this completely logs me out of both Facebook and my app: 方法并清除我的应用会话-这完全使我退出了Facebook和我的应用:
<?php
class Facebook_model extends CI_Model
{
public function __construct()
{
parent::__construct();
$this->config->load('facebook');
$config = array(
'appId' => $this->config->item('facebook_api_key'),
'secret' => $this->config->item('facebook_secret_key'),
'fileUpload' => false,
);
$this->load->library('Facebook', $config);
}
public function connect()
{
$user = $this->facebook->getUser();
$profile = null;
if($user)
{
try {
$profile = $this->facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
$fb_data = array(
'me' => $profile,
'gender' => $profile['gender'],
'uid' => $user,
'loginUrl' => $this->facebook->getLoginUrl(array('scope' => 'email,user_birthday')),
'logoutUrl' => $this->facebook->getLogoutUrl(array('next' => base_url('index.php/authenticate/kill_session'))),
);
return $fb_data;
}
public function disconnect()
{
$this->facebook->destroySession();
}
} // EOC
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.