How to understand old user logged out and a new user logged in at the same browser?

Oct 3, 2013 at 1:24 PM
For example I authorized an application with my Twitter account. Then I logged out and a friend of mine logged in to his Twitter account in another tab. This causes a situation where my friend can use the application like he authorized it, but the application knows my account, not his.

To prevent this I read that I just have to authenticate my friend's account in my application, but how can I programmatically understand that old user has logged out, or a new one logged in to perform this?

Thanks for any help.
Coordinator
Oct 3, 2013 at 5:27 PM
Hi,

Twitter used to have an end_session endpoint, but deprecated it when they went to API v1.1. In your situation, I would add some logic in your logout function that clears the credentials from memory of the person logging out. That will force the next person logging in to authenticate.

@JoeMayo
Oct 4, 2013 at 6:25 AM
Thanks for reply.

But in this case I dont have any authentication function in my project. It is more of a public. So I don't have a log out function naturally :) What can I do to understand that user logged off their Twitter account only?
Coordinator
Oct 4, 2013 at 6:49 AM
There isn't an API for logon/logoff. Check out the Twitter API and you'll see that there aren't any logon/logoff (Authentication) endpoints.

@JoeMayo