If i don't want to manage an authentication system, risk storing passwords, make users go through the paint of yet another registration flow then I might consider just using Sign in with Twitter every time someone sign into my site.
Abraham ------------- Abraham Williams | Hacker Advocate | http://abrah.am @abraham | http://projects.abrah.am | http://blog.abrah.am This email is: [ ] shareable [x] ask first [ ] private. On Fri, Sep 3, 2010 at 09:47, Bernd Stramm <bernd.str...@gmail.com> wrote: > On Fri, 3 Sep 2010 01:27:34 -0700 (PDT) > Ken <k...@cimas.ch> wrote: > > > I thought I had found a solution, albeit a horrendously ugly one: > > redirect them to http://twitter.com/logout, but even that doesn't > > work. > > > > If you are looking for reliable, don't log them in with OAuth - except > > once, the first time, when you store their token. > > Indeed. > > If you already have the token, why would you make them log in? > > If you get a new token every time they visit your 3rd party ("consumer") > site, you generate a lot of authorized tokens, ALL of which are valid > for the rest of eternity, or until twitter decides that it should be > possible to invalidate tokens. > > Bernd > > -- > Bernd Stramm > bernd.str...@gmail.com > > -- > Twitter developer documentation and resources: http://dev.twitter.com/doc > API updates via Twitter: http://twitter.com/twitterapi > Issues/Enhancements Tracker: > http://code.google.com/p/twitter-api/issues/list > Change your membership to this group: > http://groups.google.com/group/twitter-development-talk?hl=en > -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en