All geek questions in one place

How to remove direct login to Google Plus using the Gplus render / button

According to google doc. When the google login button is loaded, it immediately checks to see if the user allows the application. This check is called โ€œimmediate mode,โ€ and if successful, Googleโ€™s servers return the access token and pass a new authorization response object to the callback. If the button cannot authenticate in immediate mode, the user must press the login button to activate the access flow.

My Google Plus login button is part of the header, and when I leave home, the page is loaded, it again displays the google plus button, resulting in automatic login. Because of this, the user never logged out. How can it allow login when the G Plus button is pressed, and not when the G Plus buttom is reconnected?

+2
source share
4 answers

The immediate option did this for me, although it has the same effect as approval, it asks for consent. Facebook seems to cope with these options a bit.

gapi.signin.render("splashGPlusReg", { 'callback': GPSignInCallback, 'clientid': '<yourclientId>', 'cookiepolicy': 'single_host_origin', 'immediate': false, 'requestvisibleactions': 'http://schemas.google.com/AddActivity', 'scope': '<scopes>' });
+1
source

You have two ways to remove immediate sign-in to Google Plus.

1 is not a good approach: use data-confirmprompt = "force" in your button. I wrote an example below:

  <span id="signinButton" > <span class="g-signin g-link" data-callback="signinCallback" data-clientid="*****.apps.googleusercontent.com" data-cookiepolicy="single_host_origin" data-scope="https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.profile.emails.read" data-approvalprompt="force" style= "cursor:pointer;"> Login With Google </span> </span>

This is not a good approach, because if you add this, Google will ask the user to provide additional permission for offline access. Thus, this may prevent the user from registering at all due to this permission.

2- best approach: just exit Google after receiving a response in your signincallback function. just add:

 gapi.auth.signOut();

You should write this line after receiving the answer. It is better to save it as the last line inside the request.execute (function (resp) function.

By adding this code, Google will not give out a login if someone does not press the login button. This approach is also recommended by Google.

+1
source

I found a way to do this, maybe this is exactly what you want too:

disable automatic authentication for Google+ social subscription

0
source

This is not a clean fix, but you can try filtering by the status.method authResult property passed to the callback.

Filter out any callbacks that start with authResult.status.method set to AUTO , but handle any null (logged in with one authorized Google account) or PROMPT (user selected one of several Google accounts).

0
source

Source: https://habr.com/ru/post/1499405/

More articles:


All Articles