Hello,
I am building a "Log in with Google" mechanic for a website. I seem to have that working, but I must either be doing something wrong, or searching for the wrong thing in trying to get the logging out to work.
The process now involves these steps:
- The user logs in there using his google credentials
- The user is sent back to the login page (as set in the redirect_uri parameter)
- Based on the userinfo we get we log a specific user in on the website
The problem arises when a user logs out. If someone then presses the "Log in with Google"-button again he is logged in on the previously used account right away. This would be okay(-ish) if it was on a personal pc, but this is rarely the case. I've been looking for a way to "log the user out" or "force a new log in", but nothing I've found works or has the intended effect.
Adding the "prompt=select_account" parameter to the initial redirect at least allows the user to pick an account, and thus log in to another, but that in no way prevents anyone from simply using the account already there.
Am I approaching this wrong or is there a "forced relogin" or "log out" I simply cannot find?
Thanks in advance,
Dennis