Disconnect and Logging Out

It’s a common misconception that the disconnect action is the same as logging the user out, but this is not the case.

Disconnect is the way that your users can ask your project to “forget about my account”. This implies removing the UserSocialAuth instance that was created, this also implies that the user won’t be able to login back into your site with the social account. Instead the action will be a signup, a new user instance will be created, not related to the previous one.

Logging out is just a way to say “forget my current session”, and usually implies removing cookies, invalidating a session hash, etc. The many frameworks have their own ways to logout an account (Django has django.contrib.auth.logout), flask-login has it’s own way too with logout_user().

Since disconnecting a social account means that the user won’t be able to log back in with that social provider into the same user, python-social-auth will check that the user account is in a valid state for disconnection (it has at least one more social account associated, or a password, etc). This behavior can be overridden by changing the Disconnection Pipeline.