0

I am using Django 1.5 and django-social-auth. I am able to login with facebook using the template:

<a href="{% url "socialauth_begin" 'facebook' %}"><img src="{% static "assets/img/login-with-facebook.png" %}"></img></a>

Later I use the disconnect template which I thought would disconnect me from facebook, as in if I later go to facebook.com I should be asked to log in again. I believe this is the usual behavior for most apps that use social authentication.

<a id="logout-option" href={% url "socialauth_disconnect" 'facebook'%}>[logout]</a>

Can someone explain what the expected behavior should be for the socialauth_disconnect and whether it should also log me out of facebook? If not, what is the recommended way of doing so? What about other providers?

Iñaqui
  • 251
  • 4
  • 9

1 Answers1

2

socialauth_disconnect will remove the association between the Facebook account and the User account in your application, as if the user never hit the socialauth_begin link. There's no way from django-social-auth to logout your Facebook account, to make that possible the Facebook SDK might be needed (never did that so I'm not 100% sure), since to make that possible I guess some cookies will be removed, and to do that the script must come from the same domain.

omab
  • 3,721
  • 19
  • 23
  • 1
    I see, the reason why this came up is because we found that the Facebook terms of use says that "Your website must offer an explicit "Log Out" option that also logs the user out of Facebook" in here https://developers.facebook.com/policy. We did end up using the Facebook sdk to logout. Thanks for the clarifaction. – Iñaqui Jun 10 '13 at 19:44