Uploaded image for project: 'Titanium SDK/CLI'
  1. Titanium SDK/CLI
  2. TIMOB-3025

Android: Facebook.logout called from activity destroy event doesn't (always) succeed in clearing saved session info

    Details

      Description

      {html}<div><p>Some app developers want to clear the saved Facebook session
      information when a user backs out of an app, so that the session
      info doesn't automatically get remembered the next time the app is
      started. I want to recommend to them that they should use the
      <code>destroy</code> event of the root activity, such as in this
      example app.js:</p>
      <pre>
      <code class="javascript">Titanium.UI.setBackgroundColor('#000');
      Ti.Facebook.appid = "PUT A FACEBOOK APP ID HERE";
      var win = Titanium.UI.createWindow({
      title:'Test',
      backgroundColor:'#fff',
      exitOnClose: true
      });

      Ti.Android.currentActivity.addEventListener('destroy',function(){
      Ti.API.info('Root activity destroying');
      Ti.Facebook.logout();
      });
      win.add( Ti.Facebook.createLoginButton({style: 'wide'}) );
      win.open();</code>
      </pre>
      <p>Run that example and login to Facebook. Then completely back out
      of the application. Then go back in to the application –
      unfortunately you'll probably see the facebook button still says
      "logout", so it thinks it is logged in even though we called
      <code>logout()</code> when the user backed out of the app, which is
      when <code>destroy</code> occurs (you can see that
      <code>logout()</code> really does get called if you watch
      logcat.</p>
      <p>So what has happened is that the user really is logged out of
      that Facebook session (the OAuth 2.0 token is no longer valid), but
      Titanium doesn't know about it, so the login button is screwed up
      and showing "Logout" instead of "Connect with Facebook".</p>
      <p>I think what's happening here is that the relevant Titanium code
      to clear the saved session info (saved as a private entry in the
      Android Shared Preferences store) does not run until an
      Asynchronous call to Facebook's logout API has returned. By the
      time that Async call is finished, there are no listeners available
      any more (the user has backed out of the app, the root activity has
      been destroyed, etc.)</p>
      <p>What we need to do is destroy the session info right when
      <code>Ti.Facebook.logout()</code> is called, rather than wait for a
      return from FB's logout API call. After all, if an app developer
      has called <code>.logout()</code>, he wants that session destroyed,
      so why wait? This way the destruction of the session occurs
      synchronously within the <code>destroy</code> thread.</p></div>{html}

        Attachments

          Activity

            People

            • Assignee:
              billdawson Bill Dawson
              Reporter:
              billdawson Bill Dawson
            • Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Backbone Issue Sync

                • Titanium SDK/CLI <> Titanium Mobile
                  Synced with:
                  TIMOB-2624
                  Sync status:
                  ERROR
                  Last received:
                  Last sent:

                  Git Integration