问题
In a web app using AnularJS and the Facebook SDK, right after initing I'm calling FB.getLoginStatus() to check if user is connected:
In my run method:
window.fbAsyncInit = function() {
FB.init({
appId : '186219064942355',
xfbml : false,
version : 'v2.10'
});
FB.AppEvents.logPageView();
//$rootScope.$broadcast('fbInitiated');
$rootScope.$broadcast('checkFBLoginStatus');
};
(function(d, s, id){
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) {return;}
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/sdk.js";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
In my facebookService:
getLoginStatus: function () {
var deferred = $q.defer();
FB.getLoginStatus( function(response) {
if (response.status === 'connected') {
// the user is logged in and has authenticated your
// app, and response.authResponse supplies
// the user's ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
//var uid = response.authResponse.userID;
//var accessToken = response.authResponse.accessToken;
deferred.resolve(response);
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
// but has not authenticated your app
deferred.reject('not authorized');
} else {
// the user isn't logged in to Facebook.
deferred.reject('user is not logged in to Facebook: ' + JSON.stringify(response));
}
}, true);
return deferred.promise;
},
I visually check the result and, if not connected, click in a button which is calling self.loginFB to popup the facebook login dialog. Then I'm successfully logging in and calling FB.getLoginStatus(), just to check the result:
In my controller:
self.loginFB = function () {
if (self.fbStatus !== 'connected') {
facebookService.login().then(
function(response) {
console.log('fb login success');
facebookService.getLoginStatus().then(
function (status) {
self.fbStatus = 'updated: connected';
},
function (statusError) {
self.fbStatus = 'updated: fb error: ' + statusError;
}
);
},
function(error) {
console.log('login error ' + JSON.stringify(error));
}
);
}
};
In my facebookService:
login: function () {
var deferred = $q.defer();
FB.login( function(response) {
if (response.authResponse) {
console.log('Welcome! Fetching your information.... ');
deferred.resolve(response);
} else {
console.log('User cancelled login or did not fully authorize.');
deferred.reject('Error occured');
}
}, {
scope: 'public_profile, email, user_birthday',
return_scopes: true
});
return deferred.promise;
},
But this getLoginStatus after login() is coming up as "unknown"! Why, if the login was successful?
Later on, I'm calling a FB.logout(), and I'm getting a response that the user was not logged in:
In my facebookService:
logout: function () {
var deferred = $q.defer();
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
FB.logout(function(response) {
//FB.Auth.setAuthResponse(null, 'unknown');
data = {
name: '',
gender: '',
birthday: '',
email: '',
id: ''
};
console.log('**** FB service logged out');
deferred.resolve(response);
});
} else {
console.log('*** FB was not connected');
}
});
return deferred.promise;
}
How come the previous FB.login() be successful but the user is not logged in? The login went through without errors but both FB.loginStatus and FB.logout didn't work after it. Why?
Additionally, the FB.login() was so successful that now I'm currently logged in facebook.com too (which was previously logged out). Wasn't the FB.logout supposed to disconnect me also from facebook.com, since it was not connected before?
The biggest problem is that since the FB.logout didn't have any effect, now the user is unknowingly logged in to facebook.com... and if another user tries to perform a "signup with facebook" for a new account in my web app, this new user can hijack the facebook profile from the previous user. This is a huge problem!
来源:https://stackoverflow.com/questions/46565954/angularjs-user-was-not-connected-after-a-successful-fb-login