I am using HybridAuth on my project and added Facebook, Twitter and LinkedIn social providers in order for the user to be able to sign up/ sign in.
What I have encountered is that Twitter API does not return the users' email. Thus the user obviously can't sign up with his Twitter account.
Furthermore if the user has logged out - he can't even sign in with his Twitter account if he hasn't connected it to your application account, because the Twitter API won't use the email for searching the user in its' database. In order to be able to use Twitter Sign In, the user has to be signed in to your app and connect his Twitter account.
Is there anything I am missing and there is an actual way to Sign Up with Twitter?
Related
Ok, let's imagine I've got my Rails application and user creates account through the app with email xxx#example.com.(He doesnt have any social account). My app has included Twitter,Google+ Facebook sign up with Omniauth gem. So now, let's say, that there is a malicious hacker, which creates social account on Twitter, G+ or Facebook with email xxx#example.com. He goes to our app, he can't log in normal way, but he can easly get into account by his social account, which matches with user email xxx#example.com. So, the question is, how we can provide safety in this situation? Or is it provided mayby in the way I dont get?
If i understand your question correctly, none of the social media accounts can be created without confirming your email id. So there is no way someone is going to create account in Twitter, G+ or Facebook with your email id.
I am using TWTRLogInButton to enable users to log into my iOS app using their Twitter credentials. This means that once the user authorizes my app via Twitter, they can log in without re-entering their Twitter login credentials.
Once a user has logged in using Twitter, I'd like to set up a settings panel in the app that requires users to re-authenticate using Twitter. In other words, I want them to enter their Twitter username and password in order to access the settings. (This is because my app is sometimes used in a public settings, and some users would like to disable sharing directly to Twitter from the app. The settings panel would authenticate the user first to determine whether to disable sharing to Twitter throughout the rest of the app).
What is the best way to re-authenticate Twitter users in objective-c? Should I be using the REST API?
I've created an iOS app that allows a user to log in with Instagram. I use a web view to display Instagram's authorization page as detailed here. This works great for Instagram users who signed up with a user name and password. However, Instagram also offers the option for new users to create an account using their Facebook account, and users who have gone this route are unable to log into my application because the Instagram login page doesn't give an option to authenticate with Facebook. How do I allow these users to log into my app?
I log into my Twitter account. Then I visit this twitter app website. I click sign-in with Twitter link, I am redirected to Twitter authorization page, I give auth. Then I see member page of app website. Then I check authed Applications from my Twitter account: https://twitter.com/settings/applications
I see that I authed that application. Then I remove all cookies of app website. But I don't logout from Twitter website. I revisit app website and click Sign-in with twitter.
Without Auth confirmation I am redirected to members page. How can it be?
I understand that they save my auth tokens inside their database and use to verify credentials. But without cookie etc. how can they know that I'm that Twitter user?
Is it possible to know that user logged in to Twitter?
This problem can be solved when "authenticating" is used rather then "authorization".
Authorization needs permission everytime user sign-ins, authentication needs permisson if user didn't give permission previously or he/she revoked the permission.
That is called as transparent login.
Note: Authentication doesn't include DM access.
https://dev.twitter.com/docs/auth/implementing-sign-twitter
I'm developing a social network. Users may register and share their twitter username (if they want). Wherever the user posts a comment or other content, his username is displayed. I would like to display the follow #userTwitter button, if the user has set the twitter account.
Now, everything works, the problem is to validate that the user is the owner of that twitter account. Right now the user could be entering any valid twitter account! Maybe using the Twitter api?
You can set your app up as a Twitter client, this way your user has to log into twitter to authorize your app, thereby verifying their twitter identity.
This is a couple years old but might be enough to get you started:
http://www.1stwebdesigner.com/tutorials/twitter-app-oauth-php/