Home/ Questions/Q 6176585
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T00:07:39+00:00

I’m using https://github.com/abraham/twitteroauth library. I already created my app on Twitter, the callbacks are

  • 0

I’m using https://github.com/abraham/twitteroauth library. I already created my app on Twitter, the callbacks are working fine (even on localhost), but one thing that is bugging me is HOW the auto-login happens? I know there’s “user_id” that is stored in the MYSQL database, along with oauth_token and oauth_token_secret, but how do I obtain user_id as soon as the user enters the site, so I can query the database to see if it already exists and what not, without having to popup the authorize twitter popup then reaching the callback, over and over again?

I’ve seen a lot of questions like this one, but no one ever answered it in a satisfying way.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    actually, it needs to be a mix of PHP own $_SESSION with OAuth callbacks. After the callback, set the current user ID you inserted on the database or query for “user_id” from Twitter OAuth response (that you should ALSO store on the database, along with the username), then use that for future reference, and using $_SESSION containing the registered user data on your own database.

    So, for a quick example 

    function action_login()
{
    if ( ! $this->user->is_logged())
    {
        // Create TwitterOAuth object with our Twitter provided keys
        $tOAuth = new TwitterOAuth($this->config->get('consumer_key'), $this->config->get('consumer_secret'));
        // Generate request tokens
        $requestToken = $tOAuth->getRequestToken(url::site('auth/twitter','http'));
        $_SESSION["oauth_token"] = $requestToken["oauth_token"];
        $_SESSION["oauth_token_secret"] = $requestToken["oauth_token_secret"];
        // Display Twitter log in button with encoded link
        $this->view->set('url', $tOAuth->getAuthorizeURL($requestToken["oauth_token"]));
        $_SESSION['current_url'] = Request::detect_uri();
    }

    echo $this->view->render();
}

public function action_twitter()
{
    if ( empty($_GET["denied"]) && isset($_GET["oauth_token"])) 
    {
        if ($_GET["oauth_token"] == @$_SESSION["oauth_token"]) 
        {
            // Use generated request tokens (from session) to construct object
            $tOAuth = new TwitterOAuth($this->config->get('consumer_key'), $this->config->get('consumer_secret'), $_SESSION["oauth_token"], $_SESSION["oauth_token_secret"]);
            // Retrieve access token from Twitter
            $accessToken = $tOAuth->getAccessToken();
            // Check we have valid response
            if(is_numeric($accessToken["user_id"]))  {
                // Remove request token session variables
                if ($this->user->loaded() || $this->user->where('user_id', '=', $accessToken['user_id'])->find()->loaded())
                {
                    $this->user->values(array(
                        'oauth_token' => $accessToken['oauth_token'],
                        'oauth_token_secret' => $accessToken['oauth_token_secret'],
                        'screen_name' => $accessToken['screen_name'],
                    ))->update();
                }
                else
                {
                    $this->user->values(array(
                        'user_id' => $accessToken['user_id'],
                        'oauth_token' => $accessToken['oauth_token'],
                        'oauth_token_secret' => $accessToken['oauth_token_secret'],
                        'screen_name' => $accessToken['screen_name'],
                    ))->create();
                }

                unset($_SESSION["oauth_token"]);
                unset($_SESSION["oauth_token_secret"]);
                echo $this->view->render();
                // Redirect to main page
            } 
        }
    }

    $this->request->redirect($_SESSION['current_url']);
}

    so basically, the AUTO LOGIN (like the user is already logged to twitter, and already registered to your website) can’t be done without him clicking the LOGIN WITH TWITTER button, unless you set the lifetime of your $_SESSION pretty high (like it happens with twitpic for example).

    $this->user->is_logged() is checking for $_SESSION['id'] (auto increment on MYSQL) and $_SESSION['twitter']['user_id'] from twitter info

    EDIT: Also, the quickest and cleanest way to do it, is to make an AJAX call on the page load with the Twitter credentials using the Javascript SDK, then set the $_SESSION variables with the info the SDK provided.

    • 0