Ensure that Quo account’s associated Twitter username is used by everyauth
Closed this issue · 1 comments
Each Quo user is supposed to have a family of associated destination accounts (e.g., Twitter, Facebook, etc.). The Quo web app must ensure that when a Quo user logs in, the correct associated destination account is used, as opposed to, say, whatever account was last stored in a cookie or other external persistent state.
I investigated this quite a bit and it appears that the very nature of OAuth actually prevents this information from being enforced by the containing application (in this case, Quo). i.e., Quo is not supposed to preset the logged-in user's destination username; the user must authenticate first, and then the information becomes available to Quo.
Thus, the alternative is to just show good feedback for what a user’s login/username/ID is in all applicable destinations. A sufficient proof of concept for this has been done (though not presented very well yet), and so we will close this issue.
If a user notices that he/she is not using the correct username (because, say, he/she has multiple Twitter accounts, or is using someone else’s computer), the user needs to re-sign in before posting anything.