Facebook使用OAuth服务器端注销

我只是阅读了手册,但并没有说明如何登录用户。我的问题类似于:

I just read the manual but it doesn't say how to log a user out. My problem is similar to this:

Facebook JS SDK FB.logout()不终止用户会话

但是我正在使用serverside流。我想我需要知道哪个cookie的名称无效,因为删除cookie会将用户登录不出来?

But I'm using the serverside flow. I think I need to know the name(s) of which cookie(s) to invalidate since deleting the cookie would log the user out wouldn't it?

这是我注销,我认为我知道可能已经更改的cookie的名称:

Here's me logout where I assume I know the name of the cookie that could have changed:

class FBLogoutHandler(webapp2.RequestHandler):

    csrf_protect = False

    def get(self):
        logging.debug('in fblogout')
        current_user = main.get_user_from_cookie(self.request.cookies,
                facebookconf.FACEBOOK_APP_ID,
                facebookconf.FACEBOOK_APP_SECRET)
        if current_user:
            graph = main.GraphAPI(current_user['access_token'])
            profile = graph.get_object('me')
            accessed_token = current_user['access_token']
        logging.debug('setting cookie')
        self.set_cookie('fbsr_' + facebookconf.FACEBOOK_APP_ID, None,
                        expires=time.time() - 86400)

        self.redirect('https://www.facebook.com/logout.php?next=http://www.koolbusiness.com/fbredirect&access_token=%s'
                       % accessed_token)

    def set_cookie(
        self,
        name,
        value,
        expires=None,
        ):
        if value is None:
            value = 'deleted'
            expires = datetime.timedelta(minutes=-50000)
        jar = Cookie.SimpleCookie()
        jar[name] = value
        jar[name]['path'] = '/'
        if expires:
            if isinstance(expires, datetime.timedelta):
                expires = datetime.datetime.now() + expires
            if isinstance(expires, datetime.datetime):
                expires = expires.strftime('%a, %d %b %Y %H:%M:%S')
            jar[name]['expires'] = expires
        self.response.headers.add_header(*jar.output().split(': ', 1))




 1 条回答