On Thu, Apr 9, 2009 at 04:19, Jas <emailf...@gmail.com> wrote: > > I am interested in using OAuth for my twitter app but I have some > questions: > > 1. When twitter authorizes the user and returns the access tokens I > can store those tokens in my database for that user. Is it safe to say > those tokens will never change unless they were to re-authorize > themselves for my app?
Yes. The user might revoke the access tokens though. > > > 2. How would a user login to my site? Would they follow the same > process as sign-up, by going to the authorization URL and clicking > 'allow' each time? Would my script have to check if the user is or not > already in the database, and if they are then update the tokens? > Yes. If you you are using MySQL you can write a single statement [1] that will insert or update if exiting. you can also roll your own authentication method or use something like OpenID/Facebook Connect/RPXNow/etc. > Thanks :) > [1] http://dev.mysql.com/doc/refman/5.0/en/insert-on-duplicate.html -- Abraham Williams | Hacker | http://abrah.am @poseurtech | http://the.hackerconundrum.com Web608 | Community Evangelist | http://web608.org This email is: [ ] blogable [x] ask first [ ] private.