Disconnect is basically that, an entry removal from the DB, plus some
extra functionality like check if it's OK to disconnect the social
account (avoiding such scenario when the user doesn't have a password
set), and issues revoke token calls to the providers (usually for
OAuth2 providers that implement such option).
I bet your problem with "user.social_auth.all().delete()" is that when
the user tries to use the social account again, there's no way to link
it to the original user account, so a new user is created instead,
right? If that's the case, you might need to enable user-association
by email (which isn't 100% secure), check here for more details
http://psa.matiasaguirre.net/docs/use_cases.html#associate-users-by-email.
Matías
--
Matías Aguirre
http://matiasaguirre.net