2

Heading

I'm working on Google App Engine. Using Python with the webbapp2 framework.

I use Google API to login e logout. It seems to work well. Login and logout are perfect. This is the Google official guide: https://developers.google.com/+/web/signin/

The problem is that just after being logged out refreshing the page the user will automatically logged-in again.

This is Login Button with relative parameters: 

    <span
        class="g-signin"
        data-callback="signinCallback"
        data-clientid="##################.apps.googleusercontent.com"
        data-cookiepolicy="single_host_origin"
        data-requestvisibleactions="http://schemas.google.com/AddActivity"
        data-scope="https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/userinfo.email">
        <button type="button">GOOGLE+ LOGIN</button>
    </span>

This is Logout Button: 

    <button onclick="disconnectUser()">Disconnect</button>

This is the Logout callback function: 

<script type="text/javascript">
        function disconnectUser(access_token) {
          var revokeUrl = 'https://accounts.google.com/o/oauth2/revoke?token=' +
              access_token;

          // Esecuzione di una richiesta GET asincrona.
          $.ajax({
            type: 'GET',
            url: revokeUrl,
            async: false,
            contentType: "application/json",
            dataType: 'jsonp',
            success: function(nullResponse) {
              // Esegui un'azione, l'utente è disconnesso
              // La risposta è sempre indefinita.

                document.getElementById('signinButton').setAttribute('style', 'display: inherit');
                document.getElementById('revokeButton').setAttribute('style', 'display: none');
            },
            error: function(e) {
              // Gestione dell'errore
              // console.log(e);
              // Puoi indirizzare gli utenti alla disconnessione manuale in caso di esito negativo
              // https://plus.google.com/apps
            }
          });
        }
        // È possibile attivare la disconnessione con un clic del pulsante
        $('#revokeButton').click(disconnectUser);
    </script>

What do you think? What could be the problem? Something concerning cookies setting?

Pit
  • 21
  • 1
  • 2
  • Did you find an answer? I am having the same problem with gapi.auth.signOut(). – Martin Velez Feb 11 '15 at 21:56
  • Check my answer [here](http://stackoverflow.com/questions/20446803/google-login-how-to-logout-using-gapi-auth-signout/32892148#32892148) – frmi Oct 05 '15 at 12:30

2 Answers2

4

You should be calling gapi.auth.signOut() to sign out the user. Disconnect, as you are implementing here, will disconnect the user from your application and de-authorize your application to make API calls on behalf of the user. An example would be:

<button onclick="gapi.auth.signOut()">Sign out</button>

See Signing out the user for more information on how to correctly sign out a user.

Also worth noting:

  • If you are running from localhost, logout may not work.
  • The Sign in callback is also called on failure: make sure to check that the error message is absent to check, i.e:

    function signinCallback(authResult) {                                          
      if (authResult['status']['signed_in']) {                                  
          // Signed in                                                            
        } else {                                                                  
          console.log('Sign-in failed: ' + authResult['error']);                  
        }                                                                         
    }
class
  • 8,621
  • 29
  • 30
  • 2
    Why doesn't signOut() work when running from localhost? I am experiencing this now. By work I the user is logged in automatically after refreshing the page. – Martin Velez Feb 11 '15 at 03:41
1

If the logout isn't working on localhost for you, try saving the user you get after making the request and using the disconnect function on the user you got. Works like a charm for me, this method is nowhere documented as far as i know. That's also the reason why is just implemented both methods, just in case.

var theUser = null;
function onSignIn(googleUser) {
  theUser = googleUser //Please note that you should validate
                       //your user's token on the Server side
                       //if you are trying to save the id on the server
}

function onLogOut(){
  var auth2 = gapi.auth2.getAuthInstance();
  auth2.signOut().then(function () {
    $('#logout').hide();
    $('#login').show();
  });
  theUser.disconnect();
}

To log in as another User afterwards you may need to refresh the page with something like this:

location.reload();
Eden
  • 53
  • 7