This is an open-ended question that I was curious what people thought: Does it make sense, when you have an app that uses Twitter OAuth for authentication, to set a "Remember Me" cookie? This way, it wouldn't have to hit the OAuth service and could recreate the session if it's within a set time period?
I hope this is clear. Curious about your thoughts.
It just depends on how long you want to wait before you send users back through the Sign in with Twitter auth flow. If you have cookies last for a long time, they don't have to repeat the flow as often, but if someone steals the cookies they will have access for a longer period of time. On the downside, if they log out of Twitter and the cookie expires, they then have to authenticate with Twitter. It really depends on what kind of security and token expiration makes sense for your web application.
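An added example (not from this thread, and not Twitter's own code) of the remember-me mechanism the answer weighs: a server-side token that recreates the session without re-running the OAuth flow, bounded by a fixed lifetime and revocable on logout. Function names, the 14-day lifetime and the in-memory `store` dict are assumptions standing in for a real session database.

```python
import hashlib
import secrets

MAX_AGE = 14 * 24 * 3600  # assumed lifetime (seconds): the trade-off the thread discusses

def issue_remember_me(user_id: str, now: int, store: dict) -> str:
    """Create a 'selector:validator' cookie value after a successful Twitter sign-in.

    Only a hash of the validator is stored, so a leaked store does not yield usable cookies.
    """
    selector = secrets.token_urlsafe(8)
    validator = secrets.token_urlsafe(24)
    store[selector] = {
        "user_id": user_id,
        "hash": hashlib.sha256(validator.encode()).hexdigest(),
        "expires": now + MAX_AGE,
    }
    return f"{selector}:{validator}"

def restore_session(cookie: str, now: int, store: dict):
    """Return the user_id for a valid remember-me cookie, else None.

    An expired record is dropped. A known selector with a wrong validator is treated as a
    stolen or tampered cookie and the whole record is revoked, forcing a fresh OAuth sign-in.
    """
    try:
        selector, validator = cookie.split(":", 1)
    except ValueError:
        return None
    rec = store.get(selector)
    if rec is None:
        return None
    if now > rec["expires"]:
        del store[selector]
        return None
    presented = hashlib.sha256(validator.encode()).hexdigest()
    if not secrets.compare_digest(rec["hash"], presented):
        del store[selector]
        return None
    return rec["user_id"]

def revoke_user(user_id: str, store: dict) -> int:
    """Invalidate every remember-me token for a user (e.g. on logout); returns the count removed."""
    doomed = [sel for sel, rec in store.items() if rec["user_id"] == user_id]
    for sel in doomed:
        del store[sel]
    return len(doomed)

def set_cookie_header(value: str) -> str:
    """Set-Cookie header for the token: HttpOnly and Secure limit what a thief can do with it."""
    return f"remember_me={value}; Max-Age={MAX_AGE}; Path=/; HttpOnly; Secure; SameSite=Lax"
```

On each successful `restore_session`, issue a new token and expire the old one so a stolen copy stops working after the legitimate user's next visit.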