I successfully got django_openid_auth working in my django project, and can now login with my Google account. What I can't figure out is how to logout. The standard django.contrib.auth.views.logout view will logout the user, but subsequently visiting a page that requires authentication will authenticate the user again without a prompt. How can I completely logout the user?
One of the purposes of OpenId is to simplify logging in process. Behaviour that you are experiencing is absolutelly correct. First time you were logging in to your application with your Google account, you allowed OpenId provider (Google) to send data to your application. As the data is still in database you don't have to be prompted again for allowing access.
Nevertheless if you want to be prompted again you should clear the data from database manually. You can do this by creating custom logout view or by using Signal infrastructure and adding the following:
from django.contrib.auth.signals import user_logged_out
@receiver(user_logged_out)
def clear_openid_data(sender, user,**kwargs):
# wipe out data according to models in django_openid_auth..
to signals.py
It's worth mentioning that user_logged_out is available since Django 1.3