开发者

How do I log a user out of my FB app but not Facebook site?

I am using Facebook login integration on my asp.ne开发者_StackOverflow社区t site. What I want is that when a user logs off the site, I want him to also log off the FB application, but not Facebook itself. If I call FB.logout(), it logs off FB as well as the app. I guess what I want is to lose the acess_token cookie for the app, but I can't figure it out.


FB.api({ method: 'Auth.revokeAuthorization' });


I dont think that is possible as the login for both the application and FB is done using FB credentials..

In case you want to de-authorize the user from your application you can issue an HTTP DELETE request to /PROFILE_ID/permissions to revoke authorization for an app.


I'm not sure this is a good idea. Even if you removed the session for your website, if they are still logged into facebook, they may as well still be logged into your website. They are essentially the same thing. You need to log them out of facebook to ensure their security on your site, otherwise it just takes someone sharing the pc or cookie sniffing, to get access to their account on your site

edit: also, if you just want to delete the cookie, you can simply do this with javascript.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜