What to do with twitter oauth token once retreived?
Posted
by mcintyre321
on Stack Overflow
See other posts from Stack Overflow
or by mcintyre321
Published on 2010-05-12T16:31:10Z
Indexed on
2010/05/12
16:34 UTC
Read the original article
Hit count: 198
I'm writing a web app that will use twitter as its primary log on method. I've written code which gets the oauth token back from Twitter. My plan is now to
- Find the entry in my Users table for the twitter username retreived using the token, or create the entry if necessary
- Update the Users.TwitterOAuthToken column with the new OAuth token
- Create a permanent cookie with a random guid on the site and insert a record into my UserCookies table matching Cookie to User
- when a request comes in I will look for the browser cookie id in the UserCookies table, then use that to figure out the user, and make twitter requests on their behalf
- Write the oauth token into some pages as a js variable so that javascript can make requests on behalf of the user
- If the user clears his/her cookies the user will have to log in again to twitter
Is this the correct process? Have I created any massive security holes? thanks!
© Stack Overflow or respective owner