问题
As per google doc: When the google sign in button is loaded, it immediately checks to see if the user has authorized the application. This check is called "immediate mode" and if successful, the Google servers return an access token and pass a new authorization result object to the callback. If the button cannot make an immediate-mode authorization, the user must click the sign-in button to trigger the access flow.
My Google Plus signin button is part of header and on logout the home page is loaded,It again renders google plus button resulting in automatic login. User is never logged out due to this. How is it possible to allow login when when G Plus button is clicked and not when when the G Plus buttom reders itself?
回答1:
The 'immediate' parameter did it for me, although it has the same affect as 'approvalprompt', prompts for consent. Facebook seems to handle these options a little better.
gapi.signin.render("splashGPlusReg", {
'callback': GPSignInCallback,
'clientid': '<yourclientId>',
'cookiepolicy': 'single_host_origin',
'immediate': false,
'requestvisibleactions': 'http://schemas.google.com/AddActivity',
'scope': '<scopes>'
});
回答2:
You have two ways to Remove immediate Google Plus Login.
1- not a good approach: use data-approvalprompt="force" in your button. I wrote an example below:
<span id="signinButton" >
<span
class="g-signin g-link"
data-callback="signinCallback"
data-clientid="*****.apps.googleusercontent.com"
data-cookiepolicy="single_host_origin"
data-scope="https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.profile.emails.read"
data-approvalprompt="force"
style= "cursor:pointer;">
Login With Google
</span>
</span>
It is not a good approach because if you add this, then Google ask a user to give one extra permission for offline access. So it may let user won't signup at all because of this permission.
2- better approach: just signout from Google after receiving response in your signincallback function. just add:
gapi.auth.signOut();
You should write this line after you received the response. It is better to keep it as a last line inside the request.execute(function(resp) function.
By adding this code, Google won't render the login unless someone click on the login button.This approach is recommended by Google too.
回答3:
I found a way to do this, maybe it's exactly what you want too:
disable automatic authentication for Google+ social sign-in
回答4:
It's not the cleanest fix, but you can try filtering on the status.method property of the authResult passed into the callback.
Filter any callbacks that are triggered with authResult.status.method set to AUTO, but process any that are null (logged in via single authorized Google account) or PROMPT (user chose one of several Google accounts).
来源:https://stackoverflow.com/questions/17259585/how-to-remove-immediate-google-plus-login-with-gplus-button-render