how to let the user sign-in as a different user

[hamutsi]

I'm using the GAE users service for login/logout mechanism, with
create_login_url, etc, and it all works fine. BTW, I use the federated
OpenID option.

But I have one problem - since the users service checks with
user=users.get_current_user() then if a user is logged in to his
gmail, it automatically logs him into my service. This is OK, but what
if a different user wants to login? how can I redirect the user to a
page such as the "sign in as a different user"?

I tried to remove the cookie I'm creating, and it gets removed:

if not (self.request.cookies.has_key('ACSID')):
logging.debug('no cookies')
self.redirect(users.create_login_url(self.request.uri))
return
then I see the log for "no cookies", but the next thing happens is
that it logs the user in, without putting him on the "google accounts"
login page... So the user never have the opportunity to login as a
different user.

Any idea?

[Ernesto Oltra]

You don't have to delete any cookies from google; the GMail users DON'T log automatically, they have to give their permission; Google Accounts doesn't means GMail accounts, so @hotmail, @yahoo, etc. users can log to your application too. You should see:

  http://code.google.com/intl/en/appengine/docs/python/gettingstarted/usingusers.html

  http://code.google.com/intl/es-ES/appengine/docs/python/users/loginurls.html

[Rob Coops]

The trick is the same as logging into Facebook using your Google account or to Google+ using your Facebook account.

The first time a user visits your site even if they are logged in to another Google product they are asked to allow this site to allow them to login using their Google account. If they accept then in their Google account a note is made that this site can now be logged into using their Google account.

The next time the user visits the site they will be asked to login to their Google account, unless they are already logged in for instance via Google+ or Gmail. In that last case the Google account server will check the account see that the site has already been approved by the user and thus log them in without showing the screen asking them to allow the site.

So for a user to use a different login simply have them logout. Once done send them to the login page again and Google will popup with the same question with of course a login box. After all they just logged out of their Google account...

So for you to be able to offer a switch user option you will have to ask the users to logout and log back in with a different account or make it so that your application sends the to the logout page and as soon as they return back to the login page again. At the moment there is no switch user option offered by Google so the ugly load logout page, load login page is the only option if you want to use the Google authentication.

If you need to offer your users this switch user option you will have to simply create your own login service at which point you should be able to switch the user without all the page reloading in the middle.

--
You received this message because you are subscribed to the Google Groups "Google App Engine" group.

To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/4b0TeRPDdKMJ.

To post to this group, send email to google-a...@googlegroups.com.
To unsubscribe from this group, send email to google-appengi...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.