Preventing automatic sign-in when using Google+ Si

2019-01-08 11:40发布

站内问答 / 后端开发
511 9 4

I am in the process of integrating Google+ sign in with my site, which also lets users sign in with Twitter and Facebook. The sign in page of the site therefore has 3 buttons, one for each of the services.

The issue I am having is in the following scenario:

  • user goes to the sign in page
  • user signs in successfully with G+
  • user signs out of my site (but the account is still associated with G+, signing out of the site does not disconnect the G+ account)
  • user visits the sign in page again
  • at this stage the Sign in with G+ button is rendered and automatically signs the user into the account associated with G+ without the user having to click the button

The problem is that on revisiting the sign in page, I want the user to have the option of signing in with another service, rather than automatically being signed in with G+. If the user wants to sign in with G+ then they can do so by clicking the button - the user will then be signed in automatically.

Is it possible to prevent this automatic sign in on button render? I can simulate it by using the data-approvalprompt="force" as an attribute on the button, but I don't think this is an ideal solution (the user then has to go through the confirmation process, which I would ideally would like to prevent)

标签: google-plus
举报
9条回答
Viruses.
2楼-- · 2019-01-08 11:58

I am using https://developers.google.com/identity/sign-in/web/build-button to build the sign in button for my web app which gives the user a choice to log in through either Facebook or Google. This code is pretty easy for obtaining the Id_token. However it also came with automatic signing in of the user if the user is already signed in.

Thus, adding the following snippet in the beginning of the script helped me control the signup procedure.

    window.onbeforeunload = function(e){
      gapi.auth2.getAuthInstance().signOut();
    };

Thanks!

查看更多
0人赞 添加讨论(0) 举报
Viruses.
3楼-- · 2019-01-08 12:00

I have been struggling with this for a while and could not find a way to prevent automatic sign in to Google using the "easy implementation" of the Sign-in

I ended up using the custom integration which does not attempt to auto sign in (also allowed me to change the appearance in the same time)

查看更多
0人赞 添加讨论(0) 举报
别忘想泡老子
4楼-- · 2019-01-08 12:06

I too has same issue this how i fixed it.I may not sure this is a stander way to do it but still it works fine with me...

add this Google JS from google developer 

<script src="https://apis.google.com/js/platform.js" async defer></script>
<script>

function onSuccessG(googleUser) {
        var profile = googleUser.getBasicProfile();
        console.log('ID: ' + profile.getId()); // Do not send to your backend! Use an ID token instead.
        console.log('Name: ' + profile.getName());
        console.log('Image URL: ' + profile.getImageUrl());
        console.log('Email: ' + profile.getEmail());
}
function onFailureG(error) {
    console.log(error);
}
function renderGmail() {

  gapi.signin2.render('my-signin2', {
    'scope': 'https://www.googleapis.com/auth/plus.login',
    'width': 0,
    'height': 0,
    'longtitle': true,
    'theme': 'dark',
    'onsuccess': onSuccessG,
    'onfailure': onFailureG
  });
}

Now add html link and onClick call this renderGmail() function.

<a href="javascript:void(0)" onclick="renderGmail();"> SignUp with Gmail</a>

I hope this works...

查看更多
0人赞 添加讨论(0) 举报
一纸荒年 Trace。
5楼-- · 2019-01-08 12:06

Our AngularJS solution was:

$scope.$on('event:google-plus-signin-success', function (event, authResult) {
                if( authResult.status.method !== "AUTO"){
                    onGoogleLogIn(authResult[settings.configKeys.googleResponseToken]);
                }
            });
查看更多
0人赞 添加讨论(0) 举报
冷血范
6楼-- · 2019-01-08 12:06

I solved this by adding a click handler to my Google sign-in button. The click handler sets a global Javascript variable google_sign_in to true. When the onSuccess() handler fires (whether automatically on page load, or manually when the user clicks the sign-in button), it first checks whether google_sign_in == true and only then does it continue signing the user in:

<div id="google-signin2" onclick="return do_click_google_signin();"></div>

<script>
    var google_sign_in = false; // assume

    function do_click_google_signin() {
        google_sign_in = true;
    }

    function onSuccess( googleUser ) {
        if ( google_sign_in ) {
            // Process sign-in
        }
    }

    // Other redundant login stuff not shown...
</script>
查看更多
0人赞 添加讨论(0) 举报
太酷不给撩
7楼-- · 2019-01-08 12:14

Unfortunately calling gapi.auth.signOut() made the app to log-in again when I'm requesting user data (neither it is persistent)

So the solution, as suggested by @class is to revoke the token:

  $.ajax({
    type: 'GET',
    url: 'https://accounts.google.com/o/oauth2/revoke?token=' +
        gapi.auth.getToken().access_token,
    async: false,
    contentType: 'application/json',
    dataType: 'jsonp',
    success: function(result) {
      console.log('revoke response: ' + result);
      $('#authOps').hide();
      $('#profile').empty();
      $('#visiblePeople').empty();
      $('#authResult').empty();
      $('#gConnect').show();
    },
    error: function(e) {
      console.log(e);
    }
  });
查看更多
0人赞 添加讨论(0) 举报
1 2 下一页
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)