Clearing authentication

Aug 12, 2013 at 5:10 PM
Hello, I am having trouble authenticating multiple users after I first authenticate one user. I am using VS 2012 and have laid out my website so that when a user clicks on the sign in button they get sent to the twitter authentication page and then gets called back to my page. The issue now is that if I try to authorize another user right after I just finished authorizing I can't go to the authorization page anymore. I have tried to redirect the page to do a post back but it's not working.

Can anyone point me in the right direction I'm kind of new to linq to twitter. Thanks!
Aug 12, 2013 at 5:17 PM

Are you using SessionStateCredentials in your Authorizer and testing different users with the same browser session? If so, you would need to make sure that the OAuthToken and AccessToken on the Credentials are either set to null to force a new Authorization or set to an OAuthToken/AccessToken that you saved for the currently logged in user.

Aug 12, 2013 at 5:22 PM
Thank you for the quick response !

Yeah I'm using SessionStateCredentials, would I need to set them to null after I store them to my database or right before I call BeginAuthorization?
I can't believe I never thought about this, would Session.Abandon() accomplish the same thing as setting both tokens to null?
Aug 12, 2013 at 5:29 PM
I quickly tried both methods and they both seem to accomplish the job.

Thank you again for your help!
Aug 12, 2013 at 5:31 PM
You probably don't want to after storing them because you need all 4 credentials to do queries after being authenticated and that would wipe them out, causing a 401 error from Twitter. It's best to set them to null when you know you're working with a brand new user.

Generally, each user has their own copy of SessionState, so you wouldn't normally see this problem. e.g. if you log on as a user and perform queries, close the browser, and then reopen the browser to operate as the other user.

Session.Abandon() could cause problems in other parts of your application that use session state because it would wipe out everything being held in session.