passport.js - facebook strategy logout issue

I'm trying to set up facebook authentication using this login example. Example works but when I log out and try to log in again passport automatically lets me in without giving me an option to change facebook user. Any idea on how to change this behaviour?

adrian asked Oct 13 '12 14:10


1 Answer

By default, if you have already authorized login with Facebook, subsequent requests to authenticate will be automatic and won't prompt the user to authorize again. There are three options to change this behavior:

1. Log the user out of Facebook

This is undesirable, since you only want to log the user out of your application and not Facebook entirely.

2. De-authorize the user from your Facebook application

This is your best bet. To do this, make an HTTP DELETE call to https://graph.facebook.com/me/permissions with a valid Facebook access token. Read more at https://developers.facebook.com/docs/reference/api/user/#permissions.

3. Force the user to re-authenticate each time you log them in

Facebook supports an auth_type parameter, which will prompt the user to log in each time when set to reauthenticate. Read more at https://developers.facebook.com/docs/howtos/login/client-side-re-auth/.

Passport.js does not support passing this parameter out of the box, so you might have to do a little hacking to get it working in your application, or submit a pull request to the passport-facebook GitHub project.

However, you can optionally prompt the user to reauthenticate each time by using a specific parameter. A working but hacky and not recommended way of doing this is below:

```javascript
var passport = require('passport');
var FacebookStrategy = require('passport-facebook').Strategy;

// `options` here is the object passed to passport.authenticate() for the
// request, not the strategy constructor options, so auth_type has to be
// supplied on the login route (see the app.get() below).
FacebookStrategy.prototype.authorizationParams = function (options) {
  var params = {},
      display = options.display,
      auth_type = options.auth_type;
  if (display) params['display'] = display;
  if (auth_type) params['auth_type'] = auth_type;
  return params;
};

passport.use(new FacebookStrategy({
    clientID: FACEBOOK_APP_ID,
    clientSecret: FACEBOOK_APP_SECRET,
    callbackURL: "http://localhost:3000/auth/facebook/callback"
  },
  function(accessToken, refreshToken, profile, done) {
    process.nextTick(function () {
      return done(null, profile);
    });
  }
));

// Ask Facebook to prompt for credentials on every login attempt.
app.get('/auth/facebook',
  passport.authenticate('facebook', { auth_type: 'reauthenticate' }));
```
Rob DiMarco answered Oct 13 '22 19:10