That depends a lot on the ui. Facebook, for example, logs out on both sites, while Twitter doesn't. If you're worried about a security issue, have you "log out" button say something like "Log out of XXX" where xxx is your site name.
Another option I've seen (when relying completely on a 3rd party log in site) was not to allow log out at all. They let the 3rd party site deal with that, and only allow "join". On Jul 26, 12:04 am, Vignesh Sunder <heartbreaki...@gmail.com> wrote: > Thanks for the reply..But I feel this could be a security issue, > considering the fact that the user (say user1) would not be aware of > the fact that he/she has not yet been logged out of Twitter. If > another user (say user2) gets hold of the system before user1's > cookie/session gets timed out, and happens to access Twitter.com, > there is a bright chance that user1's information can get compromised. > Please correct me if I am wrong in assuming that most of the users who > browse the internet today are still 'innocent' ! -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.