How to log out user from facebook application, but maintain login from facebook

facebook facebook-javascript-sdk facebook-php-sdk logout
Alias picture Alias · Mar 20, 2012 · Viewed 11.7k times · Source

I have tried the PHP SDK (v.3.1.1), and the current Javascript SDK as suggested here : https://developers.facebook.com/docs/guides/web/

now when trying to log out I have tried both FB.logout() ( for js ) and $facebook->getLogoutUrl() ;

as the documentation for both clearly state, these methods log the user out of the application as well as their facebook session.

But I only need to log the user out of the facebook application ( the test site ).

I have tried logging the user out of my test site, ignoring the facebook aspect. But in this case, when the user clicks the login button again, the login flow ( facebook authentication and redirect ) does not happen.

I also tried : ( as suggested by previous unresolved questions)

$facebook->destroySession();

unset($_SESSION['fb_' . sfConfig::get('app_fb_config_id') . '_code']);
unset($_SESSION['fb_' . sfConfig::get('app_fb_config_id') . '_access_token']);
unset($_SESSION['fb_' . sfConfig::get('app_fb_config_id') . '_user_id']);

however, when redirecting to the login page, $facebook->getUser() still retrieves the user.

note : as per documentation example, I am using php sdk to login the user to my test site, and the js sdk, to render and facilitate the facebook login button.

additional :

the authentication i use is basically what documentation suggests : 

<?php

define('YOUR_APP_ID', 'YOUR APP ID');

//uses the PHP SDK.  Download from https://github.com/facebook/php-sdk
require 'facebook.php';

$facebook = new Facebook(array(
  'appId'  => YOUR_APP_ID,
  'secret' => 'YOUR APP SECRET',
));

$userId = $facebook->getUser();

?>

<html>
  <body>
    <?php if ($userId) { 
      $userInfo = $facebook->api('/' + $userId); ?>
      Welcome <?= $userInfo['name'] ?>
    <?php } else { ?>
    <div id="fb-root"></div>
    <fb:login-button></fb:login-button>
    <?php } ?>
    <script>
      window.fbAsyncInit = function() {
        FB.init({
          appId      : '<?= YOUR_APP_ID ?>',
          status     : true, 
          cookie     : true,
          xfbml      : true,
          oauth      : true,
        });

        FB.Event.subscribe('auth.login', function(response) {
          window.location.reload();
        });
      };

      (function(d){
         var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
         js = d.createElement('script'); js.id = id; js.async = true;
         js.src = "//connect.facebook.net/en_US/all.js";
         d.getElementsByTagName('head')[0].appendChild(js);
       }(document));
    </script>
  </body>
</html>

Answer

Nitzan Tomer picture Nitzan Tomer · Mar 20, 2012

Taking your code, and modifying just a bit:

<?php
    define('YOUR_APP_ID', 'YOUR APP ID');

    //uses the PHP SDK.  Download from https://github.com/facebook/php-sdk
    require 'facebook.php';

    $facebook = new Facebook(array(
      'appId'  => YOUR_APP_ID,
      'secret' => 'YOUR APP SECRET',
    ));

    session_start();

    $userId = $facebook->getUser();
    if ($userId && !isset($_SESSION['fbdata'])) {
        $_SESSION['fbdata'] = array("userid" => $userId);
    }
?>

<html>
    <body>
    <?php if ($userId) {
        $userInfo = $facebook->api('/' + $userId); ?>
        Welcome <?= $userInfo['name'] ?>
    <?php } else { ?>
        <div id="fb-root"></div>
        <fb:login-button></fb:login-button>
    <?php } ?>
        <script type="text/javascript">
            window.fbAsyncInit = function() {
                FB.init({
                    appId      : '<?= YOUR_APP_ID ?>',
                    status     : true, 
                    cookie     : true,
                    xfbml      : true,
                    oauth      : true,
                });

                FB.Event.subscribe('auth.login', function(response) {
                    window.location.reload();
                });
            };

            (function(d){
                var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
                js = d.createElement('script'); js.id = id; js.async = true;
                js.src = "//connect.facebook.net/en_US/all.js";
                d.getElementsByTagName('head')[0].appendChild(js);
            }(document));
        </script>
    </body>
</html>

I just added the saving of the user data into the session. Now, if you use this method, when the user get's into your page you should check if he already has a session, if so all is good no need to authenticate him.

When you want to log the user out of your app, but not out of facebook, just destroy that session:

session_start(); 
session_destroy();

That should remove all saved data you have for the user, next time he visits your page you can start fresh with him.

I'm not a php programmer, and all of the php I used here is from my (very) limited knowledge and what I've found around.

Related questions

Face recognition via facebook API

Currently, if I have a facebook friend whom I've tagged in a picture that I've uploaded, when I upload a picture with his face on it, facebook automatically suggests his user as a tag. Is it possible to emulate this …

Read More
Facebook Auth Dialog: Developer warning concerning the use of "display" type "popup"

starting today we receive developer warnings in the auth dialog with the following message: You are using a display type of 'popup' in a large browser window or tab. For a better user experience, show this dialog with our JavaScript …

Read More
How to add facebook share button on my website?

I have this code that suppose to work, but doesn't work. If this helps you in anyway that would be great. <script src='http://connect.facebook.net/en_US/all.js'></script> <p><…

Read More