Should you keep OAuth's Twitter oauth_token and oauth_token_secret?

Question

Should you keep OAuth's Twitter oauth_token and oauth_token_secret?

I’m trying to embed the “Login with Twitter” functionality on my website, and I have studied some tutorials.

Correct me, if I am wrong, the values oauth_token and oauth_token_secret change whenever the user requests them. I also noticed that there is no practical use for saved oauth_token and oauth_token_secret

As such, is it necessary to store and update oauth_token and oauth_token_secret often in the database?

+6

twitter-oauth twitter

Jules chiam 10 sept. '11 at 17:15

source share

1 answer

Adrian petrescu · Accepted Answer · 2011-09-10T17:58:25+0000

You are correct that OAuth tokens may change if you ask for them again, but if you do not request them again, they will not expire for a very long time. Therefore, the best strategy is to request OAuth tokens once when your user logs in, saves them in the database and continues to use the same ones, without asking for new ones the next time they log in .

Of course, when you call later, you may find that OAuth tokens are now rejected. This can happen for a number of reasons, most likely the user has canceled access from the Twitter settings page. At that time, you should request a new set and overwrite the old ones. But this does not need to be done if the old ones do not stop working.

Should you keep OAuth's Twitter oauth_token and oauth_token_secret?

More articles: