modify twitter auth to fail if mismatch between selected user and current user

config/passport.js

@@ -109,6 +109,7 @@ passport.use(
       } else {
         User.findOne({ twitter: profile.id }, function(err, existingUser) {
           if (err) { return done(err); }
+          if (!existingUser || (existingUser && existingUser.twitter == profile.id)) {
             var user = existingUser || new User();
             user.twitter = profile.id;
             user.email = user.email || '';
@@ -126,9 +127,14 @@ passport.use(
                 user.profile.picture || profile._json.profile_image_url_https;
 
             user.save(function (err) {
-            if (err) { return done(err); }
+              if (err) {
+                return done(err);
+              }
               done(null, user);
             });
+          } else {
+            return done("Sorry, we experienced an error. This has been reported. Try logging in with a different authentication method.");
+          }
         });
       }
     })