iOS SDK Logout in background and sessions

Question

I have an app within which I submit data to Facebook, I have the login and everything working perfectly, storing user credentials in the user defaults upon successful login.

The problem I am having is that there seems to be no way of detecting when a user has logged out of either the Facebook app or using Mobile Safari. This means that my app is tied to one and only one user for its lifetime.

I do not want to put a 'Logout' button in my app, if I had one then I could easily call the logout method and delete the user credentials meaning a new user could authenticate with my app, but that's not a possibility.

Does anyone know of a way I can check if a user is logged in and if so get their Facebook ID? This way I could force authorisation again if either there is no one logged in or the credentials of the logged in user and saved credentials do not match.

Thanks

Answer 1

I think the issue and the confusion here is that FB has implemented "Single Sign On (SS-On)" but not "Single Sign Out (SS-Out)".

The way SS-On works is that if you have previously logged in on your app, you will have the token stored on your app. This means that even though you have logged out on the FB app and perhaps then subsequently logged in as another user, as long as your app still has the token from the previous user, you can still access the previous user data.

What you could do is closeSessionAndClearToken on your app when it goes to background. This might or might not be the desired behavior for you. Note that this means everything your app come back from active from background, it will need to do the whole drill of SS-On all over again everytime.

- (void)applicationDidEnterBackground:(UIApplication *)application
{
    [FBSession.activeSession closeSessionAndClearToken];
}

Answer 2

You can use

if([facebook isSessionValid])
{
    // 1. Either the user has logged out
    // 2. Or the user has changed the password
}