Uploaded image for project: 'Titanium SDK/CLI'
  1. Titanium SDK/CLI
  2. TIMOB-3025

Android: Facebook.logout called from activity destroy event doesn't (always) succeed in clearing saved session info



      {html}<div><p>Some app developers want to clear the saved Facebook session
      information when a user backs out of an app, so that the session
      info doesn't automatically get remembered the next time the app is
      started. I want to recommend to them that they should use the
      <code>destroy</code> event of the root activity, such as in this
      example app.js:</p>
      <code class="javascript">Titanium.UI.setBackgroundColor('#000');
      Ti.Facebook.appid = "PUT A FACEBOOK APP ID HERE";
      var win = Titanium.UI.createWindow({
      exitOnClose: true

      Ti.API.info('Root activity destroying');
      win.add( Ti.Facebook.createLoginButton({style: 'wide'}) );
      <p>Run that example and login to Facebook. Then completely back out
      of the application. Then go back in to the application –
      unfortunately you'll probably see the facebook button still says
      "logout", so it thinks it is logged in even though we called
      <code>logout()</code> when the user backed out of the app, which is
      when <code>destroy</code> occurs (you can see that
      <code>logout()</code> really does get called if you watch
      <p>So what has happened is that the user really is logged out of
      that Facebook session (the OAuth 2.0 token is no longer valid), but
      Titanium doesn't know about it, so the login button is screwed up
      and showing "Logout" instead of "Connect with Facebook".</p>
      <p>I think what's happening here is that the relevant Titanium code
      to clear the saved session info (saved as a private entry in the
      Android Shared Preferences store) does not run until an
      Asynchronous call to Facebook's logout API has returned. By the
      time that Async call is finished, there are no listeners available
      any more (the user has backed out of the app, the root activity has
      been destroyed, etc.)</p>
      <p>What we need to do is destroy the session info right when
      <code>Ti.Facebook.logout()</code> is called, rather than wait for a
      return from FB's logout API call. After all, if an app developer
      has called <code>.logout()</code>, he wants that session destroyed,
      so why wait? This way the destruction of the session occurs
      synchronously within the <code>destroy</code> thread.</p></div>{html}




            • Assignee:
              billdawson Bill Dawson
              billdawson Bill Dawson
            • Watchers:
              0 Start watching this issue


              • Created:

                Backbone Issue Sync

                • Titanium SDK/CLI <> Titanium Mobile
                  Synced with:
                  Sync status:
                  Last received:
                  Last sent:

                  Git Integration