Google Identity Services - stay signed in - javascript

I'm migrating from the Google sign-in platform library to the new Google Identity Services with one-tap sign in, but the website automatically logs the user out when they refresh or go to a different page.
This is the code that's present on every page that loads the one-tap sign in:
<div id="g_id_onload"
data-client_id="[CLIENT ID]"
data-callback="onSignIn"
data-auto_select="true">
</div>
Removing this just keeps the user logged out with no way to log back in. There is a cookie, g_state, that stores the user's login, as well as attributes to display the popup based on its presence, but working with this also keeps the user logged out with no way to log back in.
Is there any way to prevent automatic logout on refresh?

Setting a cookie to track user sign-in status to your site should do it.
A few things to be aware of:
Your callback handler will manage the signed-in or signed-out status for users, here OnSignIn.
The cookie name set by data-skip_prompt_cookie is used to suppress One Tap after the user successfully signs into your website -- you've already logged in right, so stop bothering me with One Tap prompts. So, after someone visits any page and signs in, you'll issue a cookie so that One Tap isn't displayed when the next page is loaded. You'd want to clear this cookie when they sign out of your website.
The data-skip_prompt_cookie helps you control when to display One Tap when you're using static HTML, when using JS you'd choose to display One Tap by calling google.accounts.id.prompt or skip calling it and displaying One Tap.
Avoid using or referencing g_state entirely, it currently helps manage how to display the UI and isn't intended to be used as a means to try and track signed-in or session status. Instead, track user sign-in using your own cookie and data-skip_prompt_cookie.

Related

Keep user logged in after refresh browser for Microsoft Graph API?

I followed the tutorial to Build JavaScript single-page apps with Microsoft Graph, and use it for my real project.
With this tutorial, I could able to create the web app for login user and create a calendar event. The problem is the session is always quickly expired as soon as I refresh so that I have to login again and again. Is there any way I can keep user still login after refresh browser. I wish it just like the google calendar id here that can keep user signed in even after fresh browser. Thanks.
Use localStorage to store the logged in user details. On refresh or the first visit to your site, first check to see if the details are available in local storage. If they are available, then log in the user automatically. Otherwise request the user to login and save the details in local storage.

How to prevent a function from firing off when the user refreshes a page?

I'm making a game, in which a user logs in, clicks a "Start Game" button, and a random token (and team JSON) is generated after a user clicks that button and navigates to the game page. The functionality works in that our Firebase database is updated each time the game page is loaded with a brand new token/team object, but what I want to prevent is the function from firing off if the user keeps refreshes the page while still logged in.
What is the best way to track logged-in sessions? Would trying to track cookies be a better approach?
If you are already using Firebase, then you can take a look at the Firebase Auth APIs, which handle sign-in sessions very well.
If you are just storing game sessions, and nothing secure or valuable, then cookies will be an okay option, just remember that they can be edited by the user.
If you want to keep a page from calling a function on refresh, a good way to do this would be with cookies as well. You can create a cookie when the user first visits the page, then it checks for the cookie when the page loads, and if it doesn't contain the cookie, then you can call the function. You can also give a way for the user to delete the cookie if they want to start a new game.
have you tried
event.preventDefault()
https://api.jquery.com/event.preventdefault/

Google Sign In Auth2, how to persist the session?

I am trying to create a Google Sign In workflow, the problem i have, after the button click, the modal to select the account, i get the success callback and i can access the user basic profile.
The problem is, when i refresh the site. If i run auth2.isSignedIn.get() it always return false.
To be sure my code is not the problem, i copy this example from Google
https://github.com/googleplus/gplus-quickstart-javascript/blob/master/index.html
Enter the site with Google code, login, select my account from the modal and the site display my information but when i reload the site, the session disappear.
Maybe i am missing something, how we can persist the session so the user don't have to login every time we refresh the site.
Thanks!
For this you need to implement the authentication in a server and maintain the session using cookies
You can use node, passport to achieve this. Hope this helps.

LogOut user from Azure mobile Service from hybrid mobile app

I am following authentications steps for AMS as described here:
http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-how-to-use-client-library/#caching
From Kendo UI mobile app (Javascript)
I can log in using Google as an authentication provider using client.login("google"), execute authenticated AMS custom API calls
and also doing client.Logout() via button, that seems to successfully disconnect me from AMS
On subsequent client.login(), however, I do not get the Google account login window. It is seemingly stored in a cookie and the user is logged in automatically, thus not giving me a chance to log in as another user.
I was wondering what additional actions besides client.Logout() I must do to initiate the Google login screen on the next session after the user decided to logout. I do not want to force the user out of his Google account, as this would be impolite, just log him out of my application.
I know this question is old, but since it is not answered and I found it out recently I decided to post the answer here.
When you go to google.com you can add another account (top right icon). After that you can choose after each logout which account you want to use for your application to login. And you can even add other accounts to log in.

Facebook API - OAUTH login screen retains user email address

I have a public-facing web app that will be in a kiosk-like environment. The app requires users to log in with Facebook in order to interact with the app. I am not requiring users to register or to sign up for the site, but rather just log in so the app will have access to their basic info.
This works perfectly, but the issue is when a user logs out and the app is ready for the next user to log in, the previous user's email address is in the OAUTH form.
Is there any way to keep this from being persistant?
EDIT:
To log in, users are being redirected to the Facebook OAuth Dialog page. Once the user logs in it redirects back to the app. It's not really "authenticating" for the app, I am just using Javascript to show the app content once the Facebook JS API detects that a user is logged-in.
Edit
some reason I cannot log in with my account "kevinj". Anyway, I should have been more specific in regard to the setting of this app. It is an iPad web app and the tablet device will be handed out to users for interaction and gathering data.
I have "fixed" this issue by forcing FB to use the desktop browser based OAUTH dialog instead of the Touch version. This allows the user to un-check the "keep me logged in" option and clear out their info after log out.
Thanks for the suggestions and input. I wish I could close this question out but can't log in to my account.
Sine you are on a Kiosk-like environment, I suppose you have access to the browser's options?
If that's the case then I think turning of form history will do the trick. (Firefox example)
Have you tried adding "autocomplete="off"" to the HTML field?

Categories