API authenticates even with wrong password

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Instantiate the Api class with user credentials,perform something like
getting usertimeline.
2. End the python program
3. Re-execute the program with same user-name but wrong password,the code
again executes as if correct password is supplied

What is the expected output? What do you see instead?
It should throw a unauthorised exception, but instead authenticating with
that wrong password

What version of the product are you using? On what operating system?

Debian-GNU/Linux 5(lenny) 
python 2.6
python-twitter 0.6-devel

Please provide any additional information below.

Original issue reported on code.google.com by selva4...@gmail.com on 3 Oct 2009 at 11:24

[GoogleCodeExporter]

I haven't delved into the code too far.   But I don't think it is actually 
authenticating the second time.  The default cache time is 1 minute.  I think 
if the code is re-executed within that timeframe, it will pull from its cache 
instead of re-authenticating.   Have you tried waiting 5-10 minutes and trying 
again with the wrong password?

Original comment by gaur...@gmail.com on 28 Jul 2010 at 8:18

[GoogleCodeExporter]

should we automatically invalidate the cache for the twitter id if an 
authentication error happens?

My gut is to say no to this as all caching is local so it's not like your 
getting someone else's data.

Original comment by bear42 on 29 Jul 2010 at 9:53

[GoogleCodeExporter]

Marking this as invalid.  The data being returned is cached data so the 
password being wrong isn't even considered.

A more accurate Issue would be to say that the cached data should be 
invalidated if SetCredentials() is called.

Original comment by bear42 on 18 Aug 2010 at 7:53

• Changed state: Invalid