Facebook API Logout of my app but not facebook
Solution 1
Are you sure you want to only logout of your app, and not fb too, if you logged in using fb? What kind of app could want to do something like that? And why? What's the benefit of doing so?
But if you really want to (hack), in index.php:
<?php
require 'init.php'; // general init
require 'init_fb.php'; // sets $fb_id if logged in to fb
if (isset($fb_id) and !isset($_SESSION['do_not_auto_login'])) {
echo "<a href='/logout'>Logout</button>";
include 'app.php';
return;
}
if (isset($_SESSION['do_not_auto_login'])
echo "<a href='/re_login'>FB Login</button>";
else include 'html_and_js_fb_login_code_and_button.php';
include 'startpage.php';
?>
and in logout.php:
$_SESSION['do_not_auto_login'] = true;
// destroy-code
and in re_login.php:
unset($_SESSION['do_not_auto_login']);
header("location: /"); // re-direct back to index.php
Not perfect, but works somewhat good. Hope you get the hack!
But still, why?? If you don't think your user would like to come back, ask "How to remove my fb-app from user?" or something instead or try @DMCS's answer.. Why?
Solution 2
A bit late but might help someone. You can revoke app permissions which effectively logs them out of your app. Here's the code:
FB.api('/me/permissions', 'delete', function(response) {
console.log(response.status); // true for successful logout.
});
Solution 3
This works for me:
window.fbAsyncInit = function() {
FB.getLoginStatus(function(response) {
FB.api("/me/permissions", "delete", function(response){
});
});
}
Solution 4
You need to use destroySession
for Facebook to do
www.example.com?act=logout
<?php
php sdk blah blah
if($_GET['act'] =='logout'){
$facebook->destroySession();
}
$params = array(
'scope' => 'read_stream, friends_likes',
'redirect_uri' => 'https://www.myapp.com/post_login_page'
);
$loginUrl = $facebook->getLoginUrl($params);
?>
Maybe you need to set param to make it redirect.
cdub
Updated on June 12, 2022Comments
-
cdub almost 2 years
How do I make a logout using Facebook's api log me out of my app (a website), but keep me logged into facebook.com?
This logs me in alright:
window.fbAsyncInit = function() { FB.init({ appId : '<?= APP_ID ?>', status : true, cookie : true, xfbml : true, oauth : true, }); FB.Event.subscribe('auth.login', function(response) {alert(response); window.location = 'http://reviewsie.com/accounts/facebook'; }); }; (function(d) { var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;} js = d.createElement('script'); js.id = id; js.async = true; js.src = "//connect.facebook.net/en_US/all.js"; d.getElementsByTagName('head')[0].appendChild(js); }(document));
But then I click logout on my site which I kill my session to my app. Then when you click on the fb:login-button again, it just opens and closes and doesn't do anything because I'm still connected to facebook. I want it to redirect.
But if when I logout I also use Facebook::logoutUrl it logs me out of my app AND facebook which is not what I want.
-
Leon about 12 yearswhen u logout from ur site, u dun wan to log facebook out. when u click login, u wan it to redirect to a specific pages? is this wat u want?
-
Leon about 12 yearsif u wan to logout from ur sites oni. just use $facebook->destroySession(); , do not use getLogoutURL.
-
Leon about 12 yearsadd in param like this , by right it should redirect ^^ 'redirect_uri' => 'myapp.com/post_login_page'
-
Leonard Pauli over 11 yearsI don't think he wants to delete the permission!! Just a normal logout!! @DMCS
-
DMCS over 11 years"How do I make a logout using Facebook's api log me out of my app (a website), but keep me logged into facebook.com?" This is their question, right? The only way to force reauth is to delete the current auth token (at least it was this way Feb 2012 .. maybe Facebook has changed something). Please enlighten us on how you would answer their question.
-
DMCS about 11 years@LeonardPauli very nice solution to the problem, I'm surprised that this issue which would seem to be very relevant to many peoples' websites has garnered such little attention. I don't do anything in PHP (C# for me) so learning something new is always fun.
-
Art Geigel over 8 yearsThis is the correct answer in my opinion. You don't want to fully revoke permissions and force the reauthorization dialog. Destroying the FB session from the server allows you to kill any FB connectivity your app has without logging the user out of FB entirely. Sometimes users want peace-of-mind of logging out of a given app without annoying them by also logging them out of FB. Nice simple solution. Thanks for posting.