I was just wondering, if I build an app and use OAuth to authenticate. Once the users have clicked Authorize already, and it’s in their granted applications. When they clicked login again, why they have to click Authorize again? May be I have to configure something else? I’m using OAuth with REST 1.1
It’s up to your application to persist the access token and secret and represent that as the user’s identity in context to Twitter. The access tokens last forever (or until they get revoked by the user). If you don’t want them to have to approve again, don’t send them through the OAuth process again and just keep using their token.
If you don’t have a means to persist their tokens and/or you’re using a session which could disappear (not recommended), you may like the features available in oauth/authenticate as opposed to oauth/authorize on the 2nd step of the OAuth flow. If oauth/authenticate is used and the end-user already has approved a token for your application, it will redirect to the specified URL in oauth/request_token without prompting the user.
Is it possible to overload local servers?