Javascript Twitter Authentication


#1

Hi!,

in these days I am developing a web application in HTML & Javascript and I’m trying to connect the Twitter’s API.
I need to login the user and read its timeline (tweets sent by the authenticated user are not public).

I know other server side programming languages like php that can do this type of operation (I’ve already made this connection in PHP and it works) but scalability problems I would like to implement a client-side solution only.

  1. The user makes the login with its username password

  2. The user authorizes the app to access its data

  3. Download data and store the JSON stream data in a javascript variable and then make operations.

In the official Twitter’s developer documentation I’ve found two libraries: user-stream and codebird-js but no examples / tutorial how to use them.
I could use Twitter Anywhere Service but I have read that the service will stop working next March.

Anyone can help me? Thanks in advance

Note: In javascript I also know that there are issues concerning the secrecy of the consumer key.


#2

Due to the issues inherent with OAuth in client-side Javascript environments, we unfortunately won’t be able to help you accomplish these kind of goals here. I strongly encourage you to use server-side integration options.


#3

Thanks for your answer.

Davide


#4

I am attempting to do the same thing and will use the server-side integration option. I did notice on the libraries page it states: “Reminder: It is strongly discouraged to use OAuth 1.0A with client-side Javascript.”

I would like to get more information on why this is and the “issues inherent with OAuth in client-side Javascript environments” mentioned in the response by @episod.

Thanks.


#5

some of my tweets have come up again and have changed dates it was last year do tweets renew themselves


#6

Consider taking a look at codebird-js 2.3.0. Also, for your app’s key safety: If your app is read-only, consider setting the permissions appropriately at https://dev.twitter.com/apps.


#7

I believe the reason is you need the Secret Key to sign the request. But there is no way to securely store the secret key in client side javascript. Someone could find it.


#8

can u send the code for server side integration…


#9

Follow this link


#10

I found some examples on the web of OAuth2.0 connecting to Twitter, but it still looks like it requires server side posting to the Twitter API. The competition, (ie Facebook, Google+, Foursquare, Instagram and even Window Live), allow JavaScript client sign-in for some, if not all of their db querying calls.

Any chance that Twitter will soon follow? In ref., see the Hello.js client login script by Andrew Dodson as an example which allows logins via OAuth2.0 for the above mentioned sites. Twitter is one of the few which still requires OAuth1.0 style access.


#11

you can store it to localstorege


#12

Hi, I’ve the same problem