开发者

Verify User with Twitter Authentication

开发者 https://www.devze.com 2023-02-22 20:17 出处:网络
I have a API that is ran on multiple sites.The user can register via multiple social logins on these client sites.The one I will speak of is Twitter.How can I authenticate on the client website and ap

I have a API that is ran on multiple sites. The user can register via multiple social logins on these client sites. The one I will speak of is Twitter. How can I authenticate on the client website and api website that is the actual user? I am doing the api call via Javascript which someone can visible see what to send to the api request. Even if they do see it I want to verify they are using the access token for that username, not a fake one they are trying to send. Do both sides need to know the consumer key and consumer开发者_Go百科 secret key to verify credentials? I have looking for the best possible workflow on how to do this during registration.


Have you considered utilizing something like JanRain Engage (http://www.janrain.com/products/engage) to provide your users with a simplified social login environment?

Disclaimer: I don't work for JanRain, just a fan of their products for simplification of social authentication.


I used a third party framework that calls verify credentials with the consumer key, consumer secret key, token access, and token access secret, and compare the userid of the result with the result in the request.

0

精彩评论

暂无评论...
验证码 换一张
取 消