开发者

how to end user session (log out) in twitter using objective C

开发者 https://www.devze.com 2022-12-21 00:43 出处:网络
I have integrated twitter in my app. but I am not able to log out the session of the user. For logging I am usinght开发者_运维百科tp://%@@twitter.com/statuses/update.xml

I have integrated twitter in my app. but I am not able to log out the session of the user. For logging I am using ht开发者_运维百科tp://%@@twitter.com/statuses/update.xml

and passing the username and pswd in the url. Inside body i pass the string that needs to be updated and its working fine.

Now For log out they have an request called http://twitter.com/account/end_session

and it is been said we need to use post request. But I am not able to get what we have to pass in body and header so that twitter should know which user has requested for log out.

Below is the link of documnetation but I didnt suceed in this.

http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-account%C2%A0end_session

Waiting for reply

Thanks in advance


When you are posting to statuses/update.xml using the method you described, you are not logging in, you are simply updating the user’s status and passing the user name and password with the request. As you are not logging in, there is no session and no need to log out. This is good, because it’s easy, and it’s bad, because it’s insecure – you’re passing the password openly. Read the documentation about authentication. The authentication method you’re using right now is called “Basic Auth” there.

You can look at how you post looks in the HTTP request:

$ nc -l 1234
$ curl -d "Status update" http://user:passwd@localhost:1234

The output from netcat looks like this:

POST / HTTP/1.1
Authorization: Basic dXNlcjpwYXNzd2Q=
Host: localhost:1234
Accept: */*
Content-Length: 13
Content-Type: application/x-www-form-urlencoded

Status update

The Authorization line is the “Basic Auth” as described by the Twitter API docs and Wikipedia.

0

精彩评论

暂无评论...
验证码 换一张
取 消