I've done a bit of searching but was unable to find anything of relevance, so please forgive me if this has been asked before. I'm posting here for comments and suggestions.
I'm working on a Twitter bot that allows users to send messages to a particular account and receive feedback. The bot uses OAuth to contact the Twitter service and make use of it's API. This is all working fine. However, I would like it to be possible for Twitter users to visit my website and view the messages they have sent the bot. Obviously, these may be of a sensitive nature. As such, some kind of authentication is needed. If possible, however, I would like to avoid making the user register for an account on my website. Instead, I'd like to have them allow my website access to their Twitter account and use various Twitter API calls to collect their credentials. As such, I imagine I'll have to store the AccessToken in a local database and use cookie data to link users with their particular AccessToken. If the cookie isn't present, I simply push the user back through the OAuth process. I'm wondering if anyone has experience with this, and if there is anything in particular that I should be aware of, before delving into actually plotting out the database schema? For example: is this poor form? Should I just bite the bullet and go with 'local' account registration? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
