0

So, I've been at this for a while now, went through a bunch of different questions, and still no solution.

If I log in regularly, all is fine, I can logout as expected. But, if I login with facebook (authorize the app), then there is no way to logout unless I manually delete the cookies from within my browsers menu.

Following that logic, I wanted to destroy the cookies in the logout action using this code(after I modified my session settings to work across subdomains, for my particular case):

function logout() {
        if ($this->Cookie->read('Auth.User')) {
            $this->Cookie->delete('Auth.User');
        }
        $this->Auth->logout();
        unset($_SESSION['fb_MYAPP_ID_user_id']);
        unset($_COOKIE['fbm_MYAPP_ID']);
        unset($_COOKIE['fbsr_MYAPP_ID']);
        unset($_COOKIE['CAKEPHP']);
        //pr($_SESSION);pr($_COOKIE);exit(); //here I see that the cookies are in fact deleted
        $this->redirect($this->Auth->logout());
        $this->redirect('/login');
    }

But every time after the logout redirect it brings the user back, logged in, and the session/cookies recreated.

I went through a lot of SO questions and answers and none worked for me. Any ideas?

Nick Zinger
  • 1,174
  • 1
  • 12
  • 28

2 Answers2

1

You cannot simply unset cookies from the cookie container, this is just the server side representation of the cookies contained in the request.

To delete cookies you need to set the exact same cookie (domain, path, name) but with an expiration that has passed - when read by the client this will cause the cookie to not be sent with the next request.

You can see how this is done in https://github.com/facebook/facebook-php-sdk/blob/master/src/base_facebook.php#L132.

Sean Kinsey
  • 37,689
  • 7
  • 52
  • 71
0

I ended up using a combination of the following answers:

CakePHP + Facebook

$facebook->getSession() call breaks page below the call

The code on the first one is more complete, but is outdated. I also kept the unset() calls that I have in my question, and it seems to work good for now.

Community
  • 1
  • 1
Nick Zinger
  • 1,174
  • 1
  • 12
  • 28