I don't think it is officially supported as a public API but you can pull
the twttr_anywhere cookie which contains an access token.

https://api.twitter.com/1/account/verify_credentials.xml?oauth_access_token=xyz

Abraham

On Fri, Apr 23, 2010 at 20:34, Karate <quantumkar...@gmail.com> wrote:

> Does anyone have thoughts on this? :) Sorry to bump!
>
> On Apr 15, 9:18 pm, Karate <quantumkar...@gmail.com> wrote:
> > I am wanting to use @anywhereto allow users to login to my website,
> > but I am curious about how to implement proper security.
> >
> > Right now when a user hits the "Connect With Twitter" button on my
> > website and signs in via the popup window, the button changes to say
> > "Connected with Twitter". So far so good.
> >
> > I can then run things like:
> >
> > screenName = twitter.currentUser.data('screen_name');
> >
> > However, I want to be able to send the currentUser's id or twitter
> > username to my server to log them into my website as well. I want to
> > check their id/username against my database, and store it if it
> > doesn't exist, then log them in.
> >
> > So, the response that I get from running:
> >
> > twttr.anywhere(onAnywhereLoad);
> >
> > contains their username/id and some other information, but if I sent
> > this to my server via javascript to login, there's nothing stopping
> > someone from making a fake request containing a different username to
> > login.
> >
> > WithFacebook'sConnect API I get a cookie set that I can then use
> > with my secret to verify that the request is really fromFacebook, is
> > there an equivalent of this in Twitter?
> >
> > Does this require me to use oAuth?
> >
> > Again, all I'm trying to do is allow users to sign in to Twitter via
> > @anywhereon my site then send their username/id to my server to log
> > them into my application based on that username/id. I just need to be
> > able to validate that the data being sent to my server (username/id)
> > was really set by Twitter.
> >
> > Any thoughts?
> >
> > Thanks!
> >
> > --
> > Subscription settings:
> http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
>



-- 
Abraham Williams | Developer for hire | http://abrah.am
@abraham | http://projects.abrah.am | http://blog.abrah.am
This email is: [ ] shareable [x] ask first [ ] private.

Reply via email to