calling /sessions/destroy then /login never gives you an opportunity to re-authenticate as a different user

mbleigh / twitter-auth

Standard authentication stack for Rails using Twitter to log in.

355 stars 48 forks source link

calling /sessions/destroy then /login never gives you an opportunity to re-authenticate as a different user #17

Closed kylebragger closed 14 years ago

kylebragger commented 15 years ago

Is this something that must be handled by the user via revoking access to the app, then hitting /login again?

mbleigh commented 14 years ago

This is actually better solved by logging out of Twitter on the user side. If you want your app to be usable by multiple people more easily, change the authorization URL to /oauth/authorize instead of /oauth/authenticate. It will then provide a chance to log out if you're already registered.

kylebragger commented 14 years ago

Ah, thanks!