How to clear facebook session and cookie when using devise + omniauth + rails 3?
I implemented account creation and login using facebook connect using devise + omniauth on rails 3. My problem, however开发者_Go百科, is clearing facebook session and cookies when user logs out. Currently when a user signs out, it seems to clear current session. However, when a user signs in again, it automatically logs the user in because of the facebook cookie. I'd like the sign_out method to clear the cookie so that when a user tries to log in next time, it will ask user to sign in with facebook.
Right now I am using the default devise route "devise_for :users". Shall I overwrite it by creating "class SessionsController < Devise::SessionsController"? If so, do I need to write both create and destroy methods? In destroy method, how do I exactly clear fb cookie(s)?
Any help would be much appreciated!
In order to clear out FB session, you have to use FB JS SDK.
So, here is what I did.
First, init FB JS. I used a partial, but you can just put this this in layout
<script type="text/javascript">
window.fbAsyncInit = function() {
FB.init({
appId: '[APP_ID]',
status: true,
cookie: true,
xfbml: true});
};
(function() {
var e = document.createElement('script');
e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
e.async = true;
document.getElementById('fb-root').appendChild(e);
}());
</script>
Then, I bound logout link to a FB.logout function that calls destroy_user_session_path in application.js.
$(function() {
$('#logout').click(function(e) {
FB.logout(function(response) {
var url = $('#logout').attr('redirect_url');
$.ajax({
url: url,
type: 'DELETE',
success: function(msg) {
window.location = '/';
}
});
});
e.preventDefault();
});
});
My application.html.erb.
<% if user_signed_in? %>
<p><%= link_to "logout", "#", :id => "logout", :redirect_url => destroy_user_session_path %></p>
<p>Hi, <%= current_user.email %></p>
<% else %>
<p><%= link_to 'Login with Facebook', '/auth/facebook/' %></p>
<% end %>
精彩评论