Alex Payne wrote: > Hope that helps. Long story short, we've been punting on OAuth to try > to minimize duplication of labor as we transition to some new > technologies, but we're willing to be pragmatic if the libraries have > improved.
Ugh. If the available OAuth implementations (libraries) suck, and you're not interested in writing your own implementation from scratch, then don't do OAuth - just generate a "Twitter API key" (think: random 128-bit string) and store it. Let folks authenticate to the API with either their password OR their Twitter API key. Provide a small area in the Settings pages to view/generate a new API key. This at least gets us away from users handing out their login credentials which is 90% of the issue and shouldn't require "a library" to implement. -- Dossy Shiobara | [EMAIL PROTECTED] | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70)