You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

nilesh123's avatar
nilesh123
Explorer | Level 3
7 years ago

What is the call for logout from current Dropbox account?

What is the call for logout from current Dropbox account?

 

I followed exactly same procedure to configure my project using SwiftyDropbox.

 

I have called this to logout button in my code:

DropboxClientsManager.unlinkClients() 

 

But when i again login with code:

 

import SwiftyDropbox

func myButtonInControllerPressed() {
    DropboxClientsManager.authorizeFromController(UIApplication.shared,
                                                  controller: self,
                                                  openURL: { (url: URL) -> Void in
                                                    UIApplication.shared.openURL(url)
                                                  })
}

 it just clearing Access Tokens but does not getting logout of current user? and shows me as logged in with Allow and Cancel window?

 

Is there somthing i have missed out ?

 

Thanks in Advance!!!

  • That's correct, the unlinkClients method clears the access tokens stored by the SDK, but it does not sign the user of the Dropbox web site in the browser. (The API access tokens are separate from the web site session.)

    The user can sign out (and sign back in, if they want) manually on the web site. Or, if necessary, the app can direct them to https://www.dropbox.com/logout .
  • Greg-DB's avatar
    Greg-DB
    Icon for Dropbox Staff rankDropbox Staff
    That's correct, the unlinkClients method clears the access tokens stored by the SDK, but it does not sign the user of the Dropbox web site in the browser. (The API access tokens are separate from the web site session.)

    The user can sign out (and sign back in, if they want) manually on the web site. Or, if necessary, the app can direct them to https://www.dropbox.com/logout .
    • Ray F.11's avatar
      Ray F.11
      New member | Level 2

      Isn't this a bug/security hole?  It seems like a major leak in the abstraction. (The fact is that I shouldn't know anything about the web).  FWIW, the BoxSDK gets this right. If you destroy the client, you have to reauth everytime.  I am not sure how to "direct the user" to a URL since it is not like I am using a web client.  At least directly.  I will try some random stuff but it would be useful if you could post some sample code here.  Thanks!

      • Ray F.11's avatar
        Ray F.11
        New member | Level 2

        I believe the correct fix is to implement the auth flow using ASWebAuthenticationSession.

         

        What I am doing now is creating a `SFSafariViewController`, hitting https://www.dropbox.com/logout and when that page loads immediately start `DropboxClientsManager.authorizeFromController`.  There is a visual artifact of seeing a logout screen but at least it works.