On Mon, Jul 25, 2011 at 5:47 AM, Vignesh Sunder <heartbreaki...@gmail.com> wrote: > Hi. I was just curious to know about the logout functionality of > OAuth..When a User logs out from the Consumer (After 3-legged OAuth > login) site, the User's session happens to get flushed. But I believe > this happens only on the Consumer side. However, if the User > immediately tries to connect to the Server side, the User is > automatically logged in. I am not sure if I have missed anything on > this, but would appreciate if I am enlightened on the same: Would it > be possible to inform the Server (by the Consumer) that the User has > logged out and the User's session be flushed from the Consumer and the > Server sides? > > Thanks >
If you are logging out of Django (assuming your django app is the consumer), the users session will get flushed from the database (or whatever session is backed with). You'll probably still be logged into the OAuth provider (Twitter, etc). If the person wishes to log out of Twitter, that's where they are going to have to go in order to do that. If they remain logged into Twitter and then start the OAuth login flow from your app, when they get redirected to Twitter for authentication/authorization, Twitter will read their cookie/session, realize that the user is still logged in and has already approved access for your application and will redirect without requiring re-authorization. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
