2

I was trying to make HybridAuth forget last user login, but nothing worked!! then I noticed very strange session behavior when using HybridAuth:

1- HybridAuth Sessions are not destroyed even when using session_destroy:

session_start();
var_dump($_SESSION);  //Session Values before authentication

require_once("hybridauth/Hybrid/Auth.php");
$config = 'hybridauth/config.php'; 

$hybridauth = new Hybrid_Auth( $config );
$google = $hybridauth->authenticate( "Google" );

session_unset();
session_destroy();

var_dump($_SESSION);  //Session values after destroy

The Output:

Session Values before authentication!
array (size=2)
  'HA::CONFIG' => 
    array (size=3)
    < ----- content here ------>
  'HA::STORE' => 
    array (size=5)
    < ----- content here ------>

Session values after destroy
array (size=0)
    empty

I get session values even before initializing Hybrid_Auth class. And when I refresh the page same values remain although it appears that the values where cleared at the end of the code.

2- Infinite redirect loop when you clear session at start

session_start();
session_destroy();

require_once( "hybridauth/Hybrid/Auth.php" );
$config = 'hybridauth/config.php'; 

$hybridauth = new Hybrid_Auth( $config );
$google = $hybridauth->authenticate( "Google" );

When I run the above code I get ERR_TOO_MANY_REDIRECTS error!

What is going on here?

DeepBlue
  • 684
  • 7
  • 23

1 Answers1

7

You can clear Hybrid Auth Session for all providers at once by calling 

$this->load->library('hybridauthlib');

$this->hybridauthlib->logoutAllProviders();

or

you can remove session for a specific provider by modifying your Auth.php file with this method

// --------------------------------------------------------------------

/**
* A generic function to logout from a specific provider 
*/ 

public static function logoutFromProvider($provider)
{
    $adapter = Hybrid_Auth::getAdapter( $provider );

    $adapter->logout();
}

You can then call this method like this

//$provider can be Facebook, Twitter, Google etc.
public function logout($provider)
{
    $this->hybridauthlib->logoutFromProvider($provider);
}
shery089
  • 702
  • 11
  • 19