Open xiaodongliang opened 5 years ago
I've noticed this in other websites, too. Once I log in with one Autodesk account, I can't log out and log in with a different Autodesk account... I would always clear the cookies, but that's not ideal.
How do you handle that? Is there perhaps some additional parameter I can add to the redirect URI to prevent the Autodesk login from reusing the last username?
Adam wrote a blog post in the past, which I cannot find now, but in his sample the logout can clear the cookies of the last account: https://github.com/Autodesk-Forge/forge-derivatives-explorer/blob/master/routes/oauth.js#L38 It works well with the live demo: https://derivatives.autodesk.io
I'm using a different node.js module for sessions (cookie-session instead of express-session), but that's not an issue. I'm destroying the session the usual way. The problem is that the username remains cached on the https://auth.autodesk.com domain... I was looking at the GET authorize docs to see if perhaps there's some flag to prevent the username from being picked from cookies, but haven't found anything.
If one Autodesk account has logged in to some Autodesk/Forge apps, this Issue sample will always log in with this account, even after an explicit logout. It cannot start a new login to allow another account to log in. The only way is to clear the browser's Autodesk cookies completely.