I am following authentications steps for AMS as described here:
http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-how-to-use-client-library/#caching
From Kendo UI mobile app (Javascript)
I can log in using Google as an authentication provider using client.login("google"), execute authenticated AMS custom API calls
and also doing client.Logout() via button, that seems to successfully disconnect me from AMS
On subsequent client.login(), however, I do not get the Google account login window. It is seemingly stored in a cookie and the user is logged in automatically, thus not giving me a chance to log in as another user.
I was wondering what additional actions besides client.Logout() I must do to initiate the Google login screen on the next session after the user decided to logout. I do not want to force the user out of his Google account, as this would be impolite, just log him out of my application.
I know this question is old, but since it is not answered and I found it out recently I decided to post the answer here.
When you go to google.com you can add another account (top right icon). After that you can choose after each logout which account you want to use for your application to login. And you can even add other accounts to log in.
Related
I followed the tutorial to Build JavaScript single-page apps with Microsoft Graph, and use it for my real project.
With this tutorial, I could able to create the web app for login user and create a calendar event. The problem is the session is always quickly expired as soon as I refresh so that I have to login again and again. Is there any way I can keep user still login after refresh browser. I wish it just like the google calendar id here that can keep user signed in even after fresh browser. Thanks.
Use localStorage to store the logged in user details. On refresh or the first visit to your site, first check to see if the details are available in local storage. If they are available, then log in the user automatically. Otherwise request the user to login and save the details in local storage.
I'm incorporating Google Sign-In for my website and the basic setup is working fine, however I face a problem to manage the user's login status.
I came across the below SO question, which suggested to use sessionStorage/localStorage to carry the login status across pages of a website, and when user signs out the stored info should be cleared.
https://stackoverflow.com/a/40206395/5345604
I afraid I don't entirely understand the suggested implementation though. What if user signs out from his Google account somewhere else, say from Gmail or from Google Maps? In this case when the user revisits my website, how can I detect that he is no longer signed in with Google and remove the stored client side session? Or this is not the way it is supposed to work?
And on top of the above question, I'm also thinking about the authentication with my backend (PHP). Given the ID token, shall I be sending it across to my server and authenticate it with the Google API Client Library every time? Or shall I only authenticate the user once and store a flag of indication in $_SESSION, and then destroy the session when the user signs out? (Given that the token is in fact a JWT, I suppose the implementation is meant to be stateless and requires the token to be passed to the server every time? Are there any concerns to implement it with the traditional approach of a server side session?)
I can only answer your first question: The login of your website is completely separate from the login status of other Google services. Even YouTube is separate from google.com.
I am using a Google App Engine (Java) with Google Cloud Endpoints. I would like to use Endpoint's built in authentication, and am doing so successfully with Google Sign-In for Websites.
Can you change the sign-in button behavior so that upon clicking the button the user is redirected to the Google sign in page and back rather than a new window opening? This would really improve the UX, especially for mobile.
In addition, is it possible to redirect non logged-in users automatically to the sign in page?
AFAIK there is no possible way to get the login into the same window. You can definitely post a Feature Request for such a thing on our issue tracker here.
As to answer your second question, yes it is possible to send non logged-in users directly to the sign in. You just need to check, at the top of your handler, if the user is signed in, and kick off the authentication flow if he isn't.
I have implemented login with google using google plus api. I have achieved the basic steps but still have some doubts which can be errors for my project in coming future or currently also.
What I have accomplished :
got google user profile info.
got email id
got the contacts of the google logged in account.
Problems and doubts I am facing are:
Once I logged in using google account on clicking a button in my website and just logout from my website,then I am unable to again login in my website by using google login button but that google login button doesnt perform any event and I am not getting any error on browser console.
Currently I have used the attribute approval: force ,till this time on clicking the login button if multiple gmail ids are logged in it ask through which id I want to login.But here I get each time the approval popup which is irritating for the user if he/she is using same id for login. So, I want to remove the approval:force ,But if i do so then as soon as my application reloads the api gets automatically called,and start fetching information.
I need it should still ask me from which account I want to login
I have a public-facing web app that will be in a kiosk-like environment. The app requires users to log in with Facebook in order to interact with the app. I am not requiring users to register or to sign up for the site, but rather just log in so the app will have access to their basic info.
This works perfectly, but the issue is when a user logs out and the app is ready for the next user to log in, the previous user's email address is in the OAUTH form.
Is there any way to keep this from being persistant?
EDIT:
To log in, users are being redirected to the Facebook OAuth Dialog page. Once the user logs in it redirects back to the app. It's not really "authenticating" for the app, I am just using Javascript to show the app content once the Facebook JS API detects that a user is logged-in.
Edit
some reason I cannot log in with my account "kevinj". Anyway, I should have been more specific in regard to the setting of this app. It is an iPad web app and the tablet device will be handed out to users for interaction and gathering data.
I have "fixed" this issue by forcing FB to use the desktop browser based OAUTH dialog instead of the Touch version. This allows the user to un-check the "keep me logged in" option and clear out their info after log out.
Thanks for the suggestions and input. I wish I could close this question out but can't log in to my account.
Sine you are on a Kiosk-like environment, I suppose you have access to the browser's options?
If that's the case then I think turning of form history will do the trick. (Firefox example)
Have you tried adding "autocomplete="off"" to the HTML field?