Facebook使用OAuth服务器端注销
我只是阅读了手册,但并没有说明如何登录用户。我的问题类似于:
I just read the manual but it doesn't say how to log a user out. My problem is similar to this:
Facebook JS SDK FB.logout()不终止用户会话
但是我正在使用serverside流。我想我需要知道哪个cookie的名称无效,因为删除cookie会将用户登录不出来?
But I'm using the serverside flow. I think I need to know the name(s) of which cookie(s) to invalidate since deleting the cookie would log the user out wouldn't it?
这是我注销,我认为我知道可能已经更改的cookie的名称:
Here's me logout where I assume I know the name of the cookie that could have changed:
class FBLogoutHandler(webapp2.RequestHandler):
csrf_protect = False
def get(self):
logging.debug('in fblogout')
current_user = main.get_user_from_cookie(self.request.cookies,
facebookconf.FACEBOOK_APP_ID,
facebookconf.FACEBOOK_APP_SECRET)
if current_user:
graph = main.GraphAPI(current_user['access_token'])
profile = graph.get_object('me')
accessed_token = current_user['access_token']
logging.debug('setting cookie')
self.set_cookie('fbsr_' + facebookconf.FACEBOOK_APP_ID, None,
expires=time.time() - 86400)
self.redirect('https://www.facebook.com/logout.php?next=http://www.koolbusiness.com/fbredirect&access_token=%s'
% accessed_token)
def set_cookie(
self,
name,
value,
expires=None,
):
if value is None:
value = 'deleted'
expires = datetime.timedelta(minutes=-50000)
jar = Cookie.SimpleCookie()
jar[name] = value
jar[name]['path'] = '/'
if expires:
if isinstance(expires, datetime.timedelta):
expires = datetime.datetime.now() + expires
if isinstance(expires, datetime.datetime):
expires = expires.strftime('%a, %d %b %Y %H:%M:%S')
jar[name]['expires'] = expires
self.response.headers.add_header(*jar.output().split(': ', 1))
您无法将用户登录到FB - 这将需要您访问FB Cookie,您不需要。
You can not log the user out of FB - this would require you to have access to FB cookies, which you do not.
您只能将用户从您自己的应用程序登录。
You can only log user out of your own app.