How to 'reset' external authentications?

I want to remove the external authentication data... so that the users who have already added their account needs to add them again...
 
You've kind of answered your own question really. I can't see any other way around it other than truncating the table.

Though don't forget this will effectively lock out all of those users who have registered new accounts via the process and therefore don't have a password...

You could write a custom script to do this in the same way the controller handles this. This would allocate passwords to those users who do not have passwords...

PHP:
$users = array() // Build a custom query that selects all user_id and facebook_auth_id and forms them into an array. Maybe fetchPairs would work.

foreach ($users AS $key => $user)
{
	$auth = $this->_getUserModel()->getUserAuthenticationObjectByUserId($user['user_id']);
	$this->getModelFromCache('XenForo_Model_UserExternal')->deleteExternalAuthAssociation(
		'facebook', $user['facebook_auth_id'], $user['user_id']
	);

	if (!$auth->hasPassword())
	{
		$this->getModelFromCache('XenForo_Model_UserConfirmation')->resetPassword($user['user_id']);
	}	
}

That should loop through all users with external authentication (only considers Facebook), deletes the association and finally if they have no password set, then one is e-mailed to them.
 
I thought you set the password once you authenticate through facebook? :confused:
Nope.

If you register via the Facebook Integration feature (without first having an existing account) you do not have a password.

You cannot login with a password, you can only login via the external provider, e.g. Facebook.

This means if you disable Facebook Integration, you may have a load of accounts who can no longer log in to your forum.

Likewise, if you delete your external auth table, you will have a load of accounts again who cannot log in.

If you have an existing forum account and you associate your account with Facebook this isn't an issue because you have a password AND you have external authentication tokens. So removing those tokens won't be a problem.

The only time a password is involved with External Auth is when you associate your existing account with Facebook, it asks you to confirm your forum password if you currently have one. This is just for verification purposes.
 
Top Bottom