So, we have a Twitter module on our website.
It lets users to:
- “login” - Login with their twitter username and password
- “logout” - Logout of their twitter account
- “refresh” - View most recent tweets and
- “see all” - A redirection to their account on twitter.com (already logged-in)
We faced an issue known to many with “logout” whereby destroying the access token still kept the user logged-in till they closed their browser. But after logout, since we wanted the users to enter their username and password when they clicked login, we used “force_login=true”. This works well.
But a side-effect of this is that when users clicks “see all”, they have to re-login on twitter.com. Before using “force_login=true”, this was not the case.
So it appears using “force_login=true” applies to any links that take user to Twitter.com. Is there a workaround for this? Can we make “force_login=true” applicable only for logging into the module on our site?