Taylor,
The problem with that is when I get my request token and redir to the
authorization page, if I'm logged in to Twitter.com it skips right on
by and redirects back to my app, so there's no opportunity to register
on my site as a *different* Twitter user, except for deliberately
going to
twitter.com and logging out. Abraham's suggestion of forcing
login helps, but a more elegant solution would be to provide a way to
kill the authorization in the browser somehow at will, instead of
forcing it each time.
I'm really dealing with an edge case here, as most users won't have
more than one account, but attention to edge cases is what separates
average apps to excellent apps, as I'm sure you well know.
Thanks,
Jonathon
On Apr 20, 3:55 pm, Taylor Singletary <
taylorsinglet...@twitter.com>
wrote:
> Hi Jonathon,
>
> You'd handle this on your own back end. Using OAuth a user is never "logged
> in" -- there is no concept of a session or persistence -- it's all
> stateless. The association between your user and an access token is your
> own. If you want a user to be able to use multiple twitter accounts on your
> site, you would design a model relationship between access tokens and users
> such that a user can have many access tokens -- you'd then use context
> shifting of some kind in your application that establishes one of the access
> tokens belonging to the user is the "current access token." This will let
> your users context shift seamlessly. You'd obviously also have to ensure
> that the security of your application is such that a user never has access
> to access tokens that don't belong to them.
>
> Taylor Singletary
> Developer Advocate, Twitterhttp://
twitter.com/episod