What to do with twitter oauth token once retreived?

Posted by mcintyre321 on Stack Overflow See other posts from Stack Overflow or by mcintyre321
Published on 2010-05-12T16:31:10Z Indexed on 2010/05/12 16:34 UTC
Read the original article Hit count: 195

Filed under:

oauth

|

twitter

|

cookies

I'm writing a web app that will use twitter as its primary log on method. I've written code which gets the oauth token back from Twitter. My plan is now to

Find the entry in my Users table for the twitter username retreived using the token, or create the entry if necessary
Update the Users.TwitterOAuthToken column with the new OAuth token
Create a permanent cookie with a random guid on the site and insert a record into my UserCookies table matching Cookie to User
when a request comes in I will look for the browser cookie id in the UserCookies table, then use that to figure out the user, and make twitter requests on their behalf
Write the oauth token into some pages as a js variable so that javascript can make requests on behalf of the user
If the user clears his/her cookies the user will have to log in again to twitter

Is this the correct process? Have I created any massive security holes? thanks!

© Stack Overflow or respective owner

Related posts about oauth

Issues POSTing XML to OAuth and Signature Invalid with Ruby OAuth Gem

as seen on Stack Overflow - Search for 'Stack Overflow'
[Cross-posted from the OAuth Ruby Google Group. If you couldn't help me there, don't worry bout it] I'm working on integrating a project with TripIt's OAuth API and am running into a weird issue. I authenticate fine, I store and retrieve the token/secret for a given user with no problem, I can even… >>> More
how do i install PHP with JSON and OAuth on Mac Snow Leopard?

as seen on Server Fault - Search for 'Server Fault'
i want to use the dropbox api via this library http://code.google.com/p/dropbox-php/ i installed MAMP then I tried "sudo pecl install oauth" but I got downloading oauth-1.0.0.tgz ... Starting to download oauth-1.0.0.tgz (42,834 bytes) ............done:… >>> More
How do I install PHP with JSON and OAuth on Mac Snow Leopard?

as seen on Server Fault - Search for 'Server Fault'
I want to use the Dropbox API via this library, http://code.google.com/p/dropbox-php/. I installed MAMP, and then I tried sudo pecl install oauth but I got the following. >>>> downloading oauth-1.0.0.tgz ... Starting to download oauth-1.0.0.tgz (42,834 bytes) ............done: 42… >>> More
Oauth for Google API example using Python / Django

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I am trying to get Oauth working with the Google API using Python. I have tried different oauth libraries such as oauth, oauth2 and djanog-oauth but I cannot get it to work (including the provided examples). For debugging Oauth I use Google's Oauth Playground and I have studied the API and the… >>> More
OAuth::Problem (parameter_absent)

as seen on Stack Overflow - Search for 'Stack Overflow'
Im working with OAuth 0.3.6 and the linkedin gem for a Rails application and I have this issue where OAuth throws an error saying that OAuth::Problem (parameter_absent). The thing is it doesn't throw the error on every occasion its called and the problem is I am unable to reproduce the issue locally… >>> More

Related posts about twitter

Generating a twitter OAuth access key - the semi-manual way

as seen on Hadermann.be - Search for 'Hadermann.be'
[UPDATE] Apparently someone at Twitter was listening, or I’m going senile/blind. Let’s call it a combination of both. Instead of following all the steps below, you could just login with the Twitter account you want to use on http://dev.twitter.com, register your application and then click… >>> More
shell_exec escaping quotes in php for Twitter API --> Getting CURL to work with obscure twitter api

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm using shell_exec() to execute a Twitter API Call. shell_exec('curl -u user:password -d "id=3191321" http://api.twitter.com/1/twitterapi/twitterlist/members.xml'); That works fine when I authenticate correctly and put in a number for the id. But when I try to put in a variable ($id), it screws… >>> More
How to get a Twitter user's handle from a phone number using Twitter API

as seen on Stack Overflow - Search for 'Stack Overflow'
If I have a phone number, and the owner of the number Has a Twitter account Associated his account with the phone number Can I use the Twitter API to find the account based on the phone number? UPDATE: What I basically need is a reverse lookup function from a phone number to a Twitter account… >>> More
La rubrique Qt sur Twitter, suivez l'actualité Qt depuis Twitter et partagez-la

as seen on Developper.com - Search for 'Developper.com'
Comme vous l'avez probablement remarqué, les réseaux sociaux explosent de partout, Developpez.com et toutes ses rubriques se doivent donc, comme toujours auparavant, de suivre l'évolution en s'ouvrant à ces réseaux sociaux. Vous pouvez donc désormais suivre l'actualité de la rubrique sur Facebook… >>> More
Twitter User/Search Feature Header Support in LINQ to Twitter

as seen on Geeks with Blogs - Search for 'Geeks with Blogs'
LINQ to Twitter’s goal is to support the entire Twitter API. So, if you see a new feature pop-up, it will be in-queue for inclusion. The same holds for the new X-Feature… response headers for User/Search requests. However, you don’t have to wait for a special property on the TwitterContext to access… >>> More