Lee,
TwitPic and TweetPhoto use Basic Auth for this; if you post a photo to
TwitPic via the API, you've got to pass the Twitter username and the
password. It works for those APIs, so it should work for yours.
OAuth don't (yet) provide a good solution for the scenario you
describe; until they do,
You should also require an https connection for these calls so I don't sniff
their passwords when they use my wifi.
On Tue, Dec 1, 2009 at 09:31, Duane Roelands duane.roela...@gmail.comwrote:
My recommendation is that you -never- store those login credentials
that are passed and require them
And again this discussion dies off... I really don't understand why Twitter
and most developers are so quiet about this. What's the plan for supporting
3rd party APIs via Oauth? Right now for those of us already exclusively
Oauth based on Twitter's recommendation, or for the rest of you in the
Thanks for asking. I was just wondering the same thing. :-)
On Nov 30, 3:19 pm, LeeS - @semel lse...@gmail.com wrote:
Here's the situation:
My app lets users OAuth via Twitter as their login. Simple and
standard.
Now, I've created an API for my app. I want other apps, say Twitter
To all who are wondering about this - I raised this issue and some
suggestions a while back, got 1 response from Twitter, but when I asked the
dev community who else struggles with this, it was awfully silent (perhaps
people hoping Twitter would never deprecate basic auth)... See this thread:
I know some people will kick my shins over this, but I would not
recommend using Twitter OAuth (or Facebook Connect for that matter) as
the primary mechanism for logins to your own site.
Why would one expose your site to the stability, availability,
temperament, and good graces of another service
While that may be true in a more generic sense, I think that for most of us
on this mailinglist, the core functionality of our apps depends on Twitter
being up and available... So for me there's really little point in
authenticating users when Twitter is down and my app doesn't provide its
core
