Hi there,
I'm developing my first twitter web application and i need some help
or rather some advice. After a user allows my app to access their
account, they are redirected to my website. From there i generate a
unique 25char long key. This key is stored together with the access
tokens and other details related to the user (e.g. path to profile pic
etc...) in a MySQL database.

I also set 2 cookies on the user's PC : One to store the access token
(not the access token secret) and another one that store the unique 25
char long key.  Plus i also set SESSIONS that store the user's twitter
id, access token and access token secret. Is this the way you guys do

Do i have to use an https connection for my twitter app? Because i was
wondering what if someone is able to read the cookie values (access
token and key) of a user passing over the network and then put that in
his own cookie. He will be able to access someone else account.

Thank You

Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 

Reply via email to