0
votes

I have implemented facebook authentication in my rails app with devise and omniauth according to this railscast: http://railscasts.com/episodes/236-omniauth-part-2 My question is how to handle the authentications objects.

If I understand it right, when I log in with facebook the token is valid for some time and is saved into the authentications table. How the hell is the expiration handled? Even more, If I log out the authentication stays in the table. So when I log in again, it will find the old authentication model. Shouldn't the authentications table be cleared if the user sings out?

1

1 Answers

0
votes

The facebook is the one who handles the expiration of authentication in the facebook.

What you can control in your rails applicaitons is how devise will expire your authentication. When this happen the user will be prompted to login in facebook again, if it is already logged then he will be redirected authenticated back to your page.

So what you have to control is your settings in devise.

If you want to access the facebook graph, here is a good tutorial to do that: Facebook Integration With Omniauth and Devise on Rails 3

Regards, Felipe Lopes.