
When you use oAuth2 and redirecting to the authorize route, it will pass and redirect, even when the user did logout on the maniaplanet.com site.
Using the v4.live.maniaplanet.com prefixed URL for the oAuth requests (maybe this is the thing?, but it stated in the docs). It seems the session never gets fully killed or invalidated correctly or the two are separate sessions, which is maybe a problem when you think you are fully logged out, but you aren't really all the way.
You can reproduce with the following steps:
1. Create oAuth2 app and hit Login button.
2. It will redirect to the oAuth2 route of the API/WS.
3. Login with your credentials.
4. Accept the App and get redirected back to the app.
5. Head towards maniaplanet.com and login if not yet done.
6. Logout on maniaplanet.com.
7. Kill session of app and hit the logon button again.
EDIT: It seems also weird that you want to have the chat activated when you login via oAuth screen btw, maybe remove it if it's an oAuth request?