Not sure if what I posted made sense. Basically i understand now why to store the access token, just curious now on how a user that connects to your app on a different computer authenticates to the point where we believe they are a given user, then we can grab the access token from the db and keep going. Is there an authenticate method that just asks for the users user and pass, if correct i can pass the access token and thats all instead of having to say "I Allow" for this app again?? ty for being patient every1.
On Oct 21, 8:08 pm, ryan alford <[email protected]> wrote: > The access token doesn't expire. It's also specific for the user. > There is no reason for you to get rid of it. > You should store it with a relation to the username. The user should > not be forced to re-allow every session. > > On Oct 21, 2009, at 7:44 PM, shawninreach <[email protected]> > wrote: > > > > > Im a little confused on why some people are saying you want to store > > the access token after you get it. Dont you just want to keep it in > > the session until the session expires or the user clears cookies? I > > understand how to use the access token, im just confused on after the > > session is expired your going to need to make the user click "I Allow" > > later again and theres nothing that can be done about that and you > > request new tokens so why store them in the database at all. Basically > > im just trying to understand this process a bit more so I can safely > > store only what I absolutely need to. Thanks guys for the help! > >
