Facebook API - 用户注销后会话仍然存在
我在我的 iframe facebook 应用程序中使用 Facebook php-sdk 来获取用户登录状态。 在我使用 facebook 帐户注销后 >注销链接,会话尚未销毁。我必须在旧会话过期之前等待几分钟,然后我的应用程序将再次获得正确的登录状态。
我希望当用户退出时 Facebook 会自行终止并终止会话。如何手动终止会话?
这是我的代码:
$initParams = array(
'appId' => $conf['app_id'],
'secret' => $conf['secret_api_key'],
'cookie' => TRUE,
);
$fb = new Facebook($initParams);
$fb->getSession(); // will return a session object eventhough user signed out!
已解决:
如果用户之前已注销,调用$fb->api('/me')将破坏会话。 我已将代码更改如下:
if ($session)
{
try
{
$fbuid = $fb->getUser();
$me = $fb->api('/me');
}
catch(FacebookApiException $e){}
}
如果 API 调用不成功,$session 将设置为 NULL。非常奇怪的行为,我没有解释这里发生的所有事情,但它解决了我的剩余会话对象未通过 getSession() 方法更新的问题。
I am using Facebook php-sdk in my iframe facebook app to get user login status.
Right after I sign out using facebook Account > Log out link, the session is not destroyed yet. I must wait a few minutes before old session expires, then my app will again get the correct login status.
I expect the facebook to kill itself and the session when user signs out. How do I manually kill the session?
Here is my code:
$initParams = array(
'appId' => $conf['app_id'],
'secret' => $conf['secret_api_key'],
'cookie' => TRUE,
);
$fb = new Facebook($initParams);
$fb->getSession(); // will return a session object eventhough user signed out!
SOLVED:
calling $fb->api('/me') will destroy the session if user has previously logged out.
I've changed my code as following:
if ($session)
{
try
{
$fbuid = $fb->getUser();
$me = $fb->api('/me');
}
catch(FacebookApiException $e){}
}
If the API call is unsuccessful, $session will be set to NULL. Very weird behavior, I don't explain everything that is going on here but it solved my problem of having residual session object not being updated via getSession() method.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(7)
我正在使用 $fb->getUser() ,我所做的与你的几乎相同。
我发现仅使用API来检查FB是否已注销有时会不一致,但使用destroySession(),会话肯定会被销毁。
I'm using $fb->getUser() and what I did was almost identical with yours.
I found that using only API to check whether FB is logged out or not sometimes is inconsistent, but with destroySession(), the session will surely be destroyed.
如果您在登录页面上使用 javascript FB.INIT 调用,则将状态从 true 设置为 false。
有关状态属性的详细信息:
http://developers.facebook.com/docs/reference/javascript/FB。初始化/
if you are using the javascript FB.INIT calls on the login page, then set status to false from true.
details about the status attribute :
http://developers.facebook.com/docs/reference/javascript/FB.init/
尝试在 LoginWindow (AS3) 的某处找到 formatData 函数并找到这一行:
更改
http://www.facebook.com/的值并在登录时从该 html 页面注销。这是如果您是开发人员而不是最终用户,则可以使用临时注销解决方案。
Try finding the formatData function somewhere at LoginWindow (AS3) and find this line:
Change the value for
http://www.facebook.com/and logout from that html page when logged in.This is a temporary solution to logout if you are developer, not the end user.
Facebook 应取消会话与会话所属帐户的关联。您可以使用 Facebook::getUser() 检查是否已完成此操作:
Facebook should disassociate the session from the account that the session belonged to. You can use Facebook::getUser() to check whether this was done:
尝试
$facebook->setSession(null)或使用 javascriptLogout;Try
$facebook->setSession(null)or using javascript<a href="/logout/" onclick="FB.logout();">Logout</a>注销无论如何都不起作用。
登录 Facebook 后,尝试在浏览器中发布此链接。
https://www.facebook.com/logout.php
发生了什么?它会带你到你的脸书。根本没有注销。
无论您做什么,请检查函数(取决于您的 API)handleLogout 并检查输出。就我而言,它返回整个 facebook html 页面。
Logout does not work any way you do.
Try posting this link in your browser, after you log in to facebook.
https://www.facebook.com/logout.php
What happen? it takes you to your facebook. No logout at all.
What ever you do, check the function (depends on your API) handleLogout and check the output. In my case, it returns the entire facebook html page.
我设法解决此问题的唯一方法是使用签名请求检查用户 ID 来清除会话:
The only way I've managed to solve this problem was by clearing the session using the signed request to check the user id: