I’m wondering if there is some kind of header to add, or some way where I can “force” a user when going to the SSO page to have to use their eve username and password to Authorize.
This is needed due to the tool I am creating will have support for multiple eve accounts on a single “website” account which can be authed by any character id coming back on login.
The only annoying thing so far is having to go to the SSO page, and click cancel, and then go back to the website manually and login with SSO, and then login, rather than just passing a header with it to say “User has to login ignoring how long ago they did login”.
Okay, so if you log in with SSO, and then click the log in with SSO again, you remain logged in on one account on the eve authentication site. To swap accounts that you are logging in with, you need to click cancel on the eve auth site, then go back, then refresh the page - otherwise you just get the recently logged in accounts character selection. Like so.
No there is no easy way. It is a well known issue and gripe with the community devs.
For now just need them to follow one of two ways
First one is to hit logout on the account management screen at https://secure.eveonline.com/
Or to hit cancel then back, refresh and should show the login screen again.
However, i would wrap this usage in some conditional logic, as it would be quite annoying if the user is wanting to auth characters on the same account and has to log in every time to do so.