Twitter API authorization of my application

I use this Twitter API library, and so far everything is fine. My problem (well, actually, this is not a problem for the user) is that every time you want to log in to Twitter, you need to open a popup.

Right now the flow is as follows:

  • The user clicks on the twitter logo on my page.
  • The JavaScript popup contains Twitter's OAuth page. If you are logged in, all it shows is login and cancel. If you are not, it has the login fields.
  • If all is well, it redirects to the return URL that I provide, does a bunch of things, and then ...
  • I call window.opener and pass the authenticated information, and from there I close the window.

It was surprisingly easy to implement and works great. I am wondering if the Twitter login process can be a bit more like Facebook's, which would be like this:

  • The user clicks on the twitter logo on my page.
  • If the user is logged in and has authorized the application, a pop-up window pops up instantly and returns the user data to my page.

I understand that I am using the PHP library for Twitter and the Facebook flow is on the JavaScript side, but I am wondering if I can detect using PHP if the user has already allowed the application and is signed in, so that they bypass the extra click / cancel click.

+6
2 answers

Try using Twitter Login. If the user has already authenticated, this is a one-click operation. The linked document above has a flowchart and description of the process, but I will also list the steps (with emphasis added) and a link to the corresponding API pages:

“Sign in to Twitter” is an authentication template that allows users to connect their Twitter account with third-party services in just one click. It uses OAuth, and although the flow is very similar, the authorization URL and workflow are different, as described below.

The normal flow dictates that applications send request tokens to oauth/authorize in Twitter's implementation of the OAuth specification. To use "Login with Twitter", applications must send the request tokens, received in the oauth_token parameter, to oauth/authenticate instead.

The oauth/authenticate method will act differently depending on the status of the user and their previous interaction with the calling application:

  • If the user is registered on twitter.com and has already approved the calling application, the user will be immediately authenticated and returned to the callback URL.

  • If the user is not logged into twitter.com and has already approved the calling application, the user will be prompted to log in to twitter.com then will be immediately authenticated and returned to the callback URL.

  • If the user has logged into twitter.com and has not yet approved the calling application, OAuth will submit an authorization request. After authorizing, the user will be redirected to the callback URL.

  • If the user is not logged in to twitter.com and has not yet approved the calling application, the user will be prompted to log in to twitter.com then authorization will be presented before redirecting back to the callback URL.

Hope this fits the bill and works for you.

+3
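
The endpoint switch described in the answer above, together with the callback check the popup's return URL should make before exchanging tokens, as an added PHP example that is not part of the original post or of any Twitter library. `signInUrl` and `checkCallback` are hypothetical helper names, the token values are constructed placeholders, and the request token is assumed to have been obtained through the OAuth library already and stored in the session.

```php
<?php
// Added example: hypothetical helpers, not part of any Twitter library.
const TWITTER_OAUTH_BASE = 'https://api.twitter.com/oauth/';

// Build the popup URL. 'authenticate' sends a logged-in user who has already
// approved the app straight back to the callback; 'authorize' shows the prompt.
function signInUrl(string $requestToken, bool $oneClick = true): string
{
    $endpoint = $oneClick ? 'authenticate' : 'authorize';
    return TWITTER_OAUTH_BASE . $endpoint . '?'
        . http_build_query(['oauth_token' => $requestToken]);
}

// Validate the callback query string before requesting an access token.
// Returns the oauth_verifier, or null when the callback must be rejected.
function checkCallback(array $query, ?string $storedRequestToken): ?string
{
    // A cancelled prompt comes back with a 'denied' parameter instead of a verifier.
    if (isset($query['denied'])) {
        return null;
    }
    $token    = $query['oauth_token'] ?? null;
    $verifier = $query['oauth_verifier'] ?? null;
    if (!is_string($token) || !is_string($verifier) || $storedRequestToken === null) {
        return null;
    }
    // The callback must carry the same request token this session started with;
    // otherwise it belongs to someone else's flow. Compare in constant time.
    if (!hash_equals($storedRequestToken, $token)) {
        return null;
    }
    return $verifier;
}

// Constructed sample values, standing in for $_SESSION and $_GET.
$stored = 'REQUEST_TOKEN_PLACEHOLDER';
echo signInUrl($stored), PHP_EOL;
echo signInUrl($stored, false), PHP_EOL;

$ok      = ['oauth_token' => $stored, 'oauth_verifier' => 'VERIFIER_PLACEHOLDER'];
$foreign = ['oauth_token' => 'SOME_OTHER_TOKEN', 'oauth_verifier' => 'VERIFIER_PLACEHOLDER'];
$cancel  = ['denied' => $stored];

var_dump(checkCallback($ok, $stored));       // verifier accepted
var_dump(checkCallback($foreign, $stored));  // rejected: token mismatch
var_dump(checkCallback($cancel, $stored));   // rejected: user cancelled
```

Only after `checkCallback` returns a verifier should the callback page exchange tokens and hand the result to `window.opener`.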

I had the same problem with the Facebook API once, but it worked by checking the cookies generated by the API to see if there are any entries that can give a hint if the user is logged in. I'm not sure about Twitter, but in the case of Facebook, only a cookie means that the user is already registered in the current application. Since both of them use Auth, they can use the same procedure. But of course, I'm just guessing. Better take a look yourself to confirm.

Great question, by the way. +1

0

Source: https://habr.com/ru/post/889745/

