The access token lasts forever: http://apiwiki.twitter.com/OAuth-FAQ#Howlongdoesanaccesstokenlast
The first token you'll get back from Twitter (after the user logs in and allows your app) is the request token. The request token only lasts for a short amount of time. However, the first thing you'll want to do after the user returns to your site is make a request to Twitter to exchange the request token for an access token. Here's an example: http://apiwiki.twitter.com/OAuth+Example+-+Ruby Leah > > > > > > > > On Wed, Apr 22, 2009 at 2:29 PM, Yogesh <[email protected]> wrote: > > > > > Can OAuth be used to login to a consumer website?.. I am sorry if I > > > haven't put the subject correct. But let me try to explain what I am > > > trying to achieve. I will explain this using the example of > > >www.stocktwits.com > > > > > So as we know that one can login towww.stocktwits.comusing twitter > > > username and password, and the advantage that stocktwits have by > > > making a user to sign in using the twitter username and password is > > > > > 1) Everytime a user enters his twitter username and password in > > >www.stocktwits.com, stocktwits can access the users protected > > > resources from twitter. > > > > > 2) stocktwits can create a profile for that user within the stocktwits > > > for that user using his twitter username, like letting the user > > > creates his portfolio. > > > > > First Question: Iswww.stocktwits.comis good candidate for > > > implementing OAuth as a consumer and twitter as a service provider? > > > > Yes definitely. > > > > > > > > > If the answer to first question is yes, Second Question: If > > > stocktwits implement OAuth then isn't it every time a user has to go > > > to stocktwits, and stocktwits have to ask the user to "sign in with > > > twitter" and it will take the user to twitter page where user has to > > > enter his username and password, and then user has to say yes to allow > > > access to stocktwits to access his resources. Isn't this complicates > > > thing. > > > > The user doesn't need to go to Twitter every time. All you need to do is > > store the OAuth token (the access token) for the user. You can then use > this > > token over and over again to get new updates for the user. > > If I read it correct isn't it the access token is for single use and > valid for one/two hour (one place I read one hour and in another place > two hour) > > > > > > > > > Third Question: How will stocktwits in OAuth case will allow user to > > > create a portfolio, because in this case stocktwits will no longer > > > have a username to save the portfolio against. > > > > You can fetch all the info for the user (including their username) with > > their OAuth token. > > If the OAuth token remains constant and it is not for single use and > yes this can be done > > > > Hope that helps! > > Leah > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
