I have a problem with Facebook authentication logic:
- On home page load, I call
getLoginStatus() and if I get "connected", I redirect the user to his account page. If not, the user can click the login button that calls FB.login().
- If the user is logged in and then navigates back to home page (full page load),
getLoginStatus() there returns "connected" as expected and user gets bounced back to account page.
- However, when the logged in user calls
FB.logout() and repeats steps 1-2, the 2nd step will always yield "unknown" login status. So, FB.logout() basically breaks my bouncing logic.
I checked the mechanics of login/logout calls and it appears FB.logout() creates a fblo_<appId> cookie with 1 year expiration that blocks getLoginStatus() from returning the proper status. This seems to be the actual mechanism for keeping people logged out, which I can understand. What I can't understand, though, is: why this cookie is not deleted on a successful FB.login() call?
I fixed it myself by programatically deleting the cookie fblo_<appid> in callback functions of both FB.login() and FB.logout()
I was experiencing this a few days ago but I'm not seeing the issue any more.
In either case make sure you consider these different scenarios when testing:
A person logs into Facebook, then logs into your app. Upon logging out from your app, the person is still logged into Facebook.
A person logs into your app and into Facebook as part of your app's login flow. Upon logging out from your app, the user is also logged out of Facebook.
A person logs into another app and into Facebook as part of the other app's login flow, then logs into your app. Upon logging out from either app, the user is logged out of Facebook.
https://developers.facebook.com/docs/reference/javascript/FB.logout/
Debugging tip:
In the Application tab in Chrome you can select Cookies in the left panel and then type fblo into the search box to filter by that name. When I call FB.login and successfully authenticate I see that the fblo cookie disappears - so I believe this issue fixed.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://i.stack.imgur.com/5xiWj.png', '推荐 该账号已被封号 的文章《Why doesn't FB.login delete the logout cookie?》','https://www.manongdao.com/article-884643.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}