THanks Leah On Apr 22, 2:42 pm, Leah Culver <[email protected]> wrote: > Hi Yogesh, > > > > On Wed, Apr 22, 2009 at 2:29 PM, Yogesh <[email protected]> wrote: > > > Can OAuth be used to login to a consumer website?.. I am sorry if I > > haven't put the subject correct. But let me try to explain what I am > > trying to achieve. I will explain this using the example of > >www.stocktwits.com > > > So as we know that one can login towww.stocktwits.comusing twitter > > username and password, and the advantage that stocktwits have by > > making a user to sign in using the twitter username and password is > > > 1) Everytime a user enters his twitter username and password in > >www.stocktwits.com, stocktwits can access the users protected > > resources from twitter. > > > 2) stocktwits can create a profile for that user within the stocktwits > > for that user using his twitter username, like letting the user > > creates his portfolio. > > > First Question: Iswww.stocktwits.comis good candidate for > > implementing OAuth as a consumer and twitter as a service provider? > > Yes definitely. > > > > > If the answer to first question is yes, Second Question: If > > stocktwits implement OAuth then isn't it every time a user has to go > > to stocktwits, and stocktwits have to ask the user to "sign in with > > twitter" and it will take the user to twitter page where user has to > > enter his username and password, and then user has to say yes to allow > > access to stocktwits to access his resources. Isn't this complicates > > thing. > > The user doesn't need to go to Twitter every time. All you need to do is > store the OAuth token (the access token) for the user. You can then use this > token over and over again to get new updates for the user.
If I read it correct isn't it the access token is for single use and valid for one/two hour (one place I read one hour and in another place two hour) > > > > > Third Question: How will stocktwits in OAuth case will allow user to > > create a portfolio, because in this case stocktwits will no longer > > have a username to save the portfolio against. > > You can fetch all the info for the user (including their username) with > their OAuth token. If the OAuth token remains constant and it is not for single use and yes this can be done > > Hope that helps! > Leah --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
