Facebook Passport- Case when User logged out facebook

I am using passport-facebook to handle facebook login for my site. Here's the relevant code:

Less Important:

passport.use(new FacebookStrategy({

            // pull in our app id and secret from our auth.js file
            clientID: configAuth.facebookAuth.clientID,
            clientSecret: configAuth.facebookAuth.clientSecret,
            callbackURL: configAuth.facebookAuth.callbackURL

        },

        // facebook will send back the token and profile
        function (token, refreshToken, profile, done) {

            // asynchronous
            process.nextTick(function () {
            //check for the user in db
            ...
            if(user found..){
               return done(null, user); // user found, return that user 
            }
            else{
                        // if there is no user found with that email id, create them
                        var newUser = {};
                        ............
                        return done(null, newUser);
             }

      

Deserialise serialization:

// used to serialize the user for the session
    passport.serializeUser(function (user, done) {
        console.log('serializing user.');
        done(null, user.id);
    });

    // used to deserialize the user
    passport.deserializeUser(function (id, done) {
        getDBHandle(function (db) {
            db.collection('users').findOne({'id':id}, function (err, user) {
                console.log('deserialize user.',id,user);
                done(err, user);
            });
        });
    });

      

Subscriber: // route for authentication and facebook login

app.get('/auth/facebook', passport.authenticate('facebook', { scope : 'email' }));

// handle the callback after facebook has authenticated the user
app.get('/auth/facebook/callback',
    passport.authenticate('facebook', {
        successRedirect : '/profile',
        failureRedirect : '/'
    }));

      

Tone sets : As soon as the user logs in, the user's loggedin information is saved req.user

in accordance with the passport.

 app.get('/isAuthenticated',function(req,res){
       ...
       res.send(req.user);
    });

      

Now let's say a user logs out of their facebook account like passport knows that a logout event has occurred.

Basically, if a user logs out of fb, then even our application should take into account that the user is not logged in.

I tried calling isAuthenticated

after fb logout, passport still returns the same user information.

How should I handle this situation?

Do I need to call each time /auth/facebook

to check if the user is verified and not depending on req.user

?

+3


source to share





All Articles