passport.js - facebook strategy logout issue

passport logout not working
express-session logout
passport-jwt logout
auth0 passport logout
passport js remove session
passport-saml logout
passport logout laravel
passport js github logout

I'm trying to set up facebook authentication using this login example. Example works but when I log out and try to log in again passport automatically lets me in without giving me an option to change facebook user. Any idea on how to change this behaviour?

By default, if you have already authorized login with Facebook, subsequent requests to authenticate will be automatic and won't prompt the user to authorize again. There are three options to change this behavior:

1. Log the user out of Facebook

This is undesirable, since you only want to log the user out of your application and not Facebook entirely.

2. De-authorize the user from your Facebook application

This is your best bet. To do this, make an HTTP DELETE call to https://graph.facebook.com/me/permissions with a valid Facebook access token. Read more at https://developers.facebook.com/docs/reference/api/user/#permissions.

3. Force the user to re-authenticate each time you log them in

Facebook supports an auth_type parameter, which will prompt the user to login each time when set to reauthenticate. Read more at https://developers.facebook.com/docs/howtos/login/client-side-re-auth/.

Passport.js does not support passing this parameter out of the box, so you might have to do a little hacking to get it working in your application, or submit a pull request to the passport-facebook GitHub project.

However, you can optionally prompt the user to reauthenticate each time by using a specific parameter. Working but hacky and not-recommended way of doing this below:

FacebookStrategy.prototype.authorizationParams = function (options) {
  var params = {},
      display = options.display,
      auth_type = options.auth_type;
  if (display) params['display'] = display;
  if (auth_type) params['auth_type'] = auth_type;
  return params;
};
passport.use(new FacebookStrategy({
    clientID: FACEBOOK_APP_ID,
    clientSecret: FACEBOOK_APP_SECRET,
    callbackURL: "http://localhost:3000/auth/facebook/callback",
    auth_type: "reauthenticate"
  },
  function(accessToken, refreshToken, profile, done) {
    process.nextTick(function () {
      return done(null, profile);
    });
  }
));

passport.js - facebook strategy logout issue - node.js - html, Then go to server.js and add a logout route: app.get('/logout', function(req, res) { req.logout(); res.redirect('/'); });. From what I tried, passport  The Facebook strategy allows users to log in to a web application using their Facebook account. Internally, Facebook authentication works using OAuth 2.0. Support for Facebook is implemented by the passport-facebook module.

The Facebook Passport supports the auth_type, which will redirect the user to sign in again for the OAuth tokens for the app even the users have login on the browser. To enable this re-login behaviour on Facebook, use the following code

passport.authenticate('facebook', {authType: 'reauthenticate', callbackURL:...

Logging a user out · Issue #2 · passport/express-4.x-facebook , I'm using passport-local and cookie-session, with Express. req.logout not working with "local strategy" #246. Open In passport/lib/sessionmanager.js , I found this code instance: Authenticator { _key: 'passport', _strategies: { session: [Object], local: [Object], facebook: [Object] }, _serializers: [ [Function] ]  passport-facebook. Passport strategy for authenticating with Facebook using the OAuth 2.0 API.. This module lets you authenticate using Facebook in your Node.js applications. By plugging into Passport, Facebook authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Expre

You need to logout from facebook too (or remove the application from the list in your settings). Otherwise facebook remembers that the user (you) has accepted to login into your app and returns to the application without asking you anything.

req.logout not working with "local strategy" · Issue #246 , Passport exposes a logout() function on req (also aliased as logOut() ) that can be called from any route handler which needs to terminate a login session. The req.logout method doesn't seem to delete the session values when invoked. I'm using passport-local and cookie-session, with Express. It looks like similar issues are discussed on StackOverflow.

As when looked at the options , the value is {} , then i have added the field auth_type = "reauthenticate" in authorizationParams, instead of putting as options in the constructor or as Authenticate options( both didn't work for me ).

var fbStrategy = require('passport-facebook').Strategy;
fbStrategy.prototype.authorizationParams = function (options) {
var params = {};
params.auth_type = "reauthenticate";
// params.auth_nonce = hash.digest((new Date()).getTime());
// console.log(options,":options",params)
return params;
};
passport.use('facebook',new fbStrategy({
  clientID: process.env.clientID,
  clientSecret: process.env.clientSecret,
  callbackURL: yourcallbackURL,
   // this option to pass req
  passReqToCallback : true
},
  function (req, accessToken, refreshToken, profile, cb) {
    ......
 }));

Documentation: Log Out, The Facebook strategy allows users to log in to a web application using their Facebook account. Internally, Facebook authentication works using OAuth 2.0. Consult the provider-specific documentation for further details. Facebook. The Facebook strategy allows users to log in to a web application using their Facebook account. Internally, Facebook authentication works using OAuth 2.0. Support for Facebook is implemented by the passport-facebook module. Install $ npm install passport-facebook

Documentation: Facebook, Tried to modify to the social auth challenge to use facebook instead of github using the following Strategy; var mongoose = require('mongoose'); var bcrypt app.get('/auth/facebook/callback', passport.authenticate('facebook', () + '/views/​pug/profile', {user: req.user}); }); app.route('/logout') .get((req, res)  Log Out. Passport exposes a logout() function on req (also aliased as logOut()) that can be called from any route handler which needs to terminate a login session.Invoking logout() will remove the req.user property and clear the login session (if any).

Passport-facebook social auth not working - JavaScript, node.js authentication using passport facebook strategy logout request handler​, passport attaches a logout() function to the req object,. // and we call this to  passport-facebook. Passport strategy for authenticating with Facebook using the OAuth 2.0 API.. This module lets you authenticate using Facebook in your Node.js applications. By plugging into Passport, Facebook authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Expre

node.js authentication using passport facebook strategy, Hey gang, in this Passport OAuth tutorial I'll be showing you how we can easily log users Duration: 9:03 Posted: Nov 3, 2017 Authenticate. Authenticating requests is as simple as calling passport.authenticate() and specifying which strategy to employ.authenticate()'s function signature is standard Connect middleware, which makes it convenient to use as route middleware in Express applications.

Comments
  • Did you logout from facebook too?