If you use oauth/authorize instead of oauth/authenticate they will be
prompted by the allow/deny page everytime instead of skiping back to your
application. Is that what you want to do?

Abraham

On Tue, Apr 20, 2010 at 19:56, Jonathon Hill <jhill9...@gmail.com> wrote:

> Taylor,
>
> The problem with that is when I get my request token and redir to the
> authorization page, if I'm logged in to Twitter.com it skips right on
> by and redirects back to my app, so there's no opportunity to register
> on my site as a *different* Twitter user, except for deliberately
> going to twitter.com and logging out. Abraham's suggestion of forcing
> login helps, but a more elegant solution would be to provide a way to
> kill the authorization in the browser somehow at will, instead of
> forcing it each time.
>
> I'm really dealing with an edge case here, as most users won't have
> more than one account, but attention to edge cases is what separates
> average apps to excellent apps, as I'm sure you well know.
>
> Thanks,
> Jonathon
>
>
> On Apr 20, 3:55 pm, Taylor Singletary <taylorsinglet...@twitter.com>
> wrote:
> > Hi Jonathon,
> >
> > You'd handle this on your own back end. Using OAuth a user is never
> "logged
> > in" -- there is no concept of a session or persistence -- it's all
> > stateless. The association between your user and an access token is your
> > own. If you want a user to be able to use multiple twitter accounts on
> your
> > site, you would design a model relationship between access tokens and
> users
> > such that a user can have many access tokens -- you'd then use context
> > shifting of some kind in your application that establishes one of the
> access
> > tokens belonging to the user is the "current access token." This will let
> > your users context shift seamlessly. You'd obviously also have to ensure
> > that the security of your application is such that a user never has
> access
> > to access tokens that don't belong to them.
> >
> > Taylor Singletary
> > Developer Advocate, Twitterhttp://twitter.com/episod
> >
> >
> >
> > On Tue, Apr 20, 2010 at 12:48 PM, Jonathon Hill <jhill9...@gmail.com>
> wrote:
> > > Hello,
> >
> > > I'm building an app that uses OAuth for registration and
> > > authentication. Is there any way to log an authenticated user out of
> > > twitter, so that he/she can log in with a different twitter account?
> >
> > > Calling the REST endpoint /account/end_session.json doesn't work.
> >
> > > Thanks,
> >
> > > Jonathon Hill
> >
> > > Company52
> > >http://company52.com
> > > @compwright
> >
> > > --
> > > Subscription settings:
> > >http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
>



-- 
Abraham Williams | Developer for hire | http://abrah.am
@abraham | http://projects.abrah.am | http://blog.abrah.am
This email is: [ ] shareable [x] ask first [ ] private.

Reply via email to