With a Twitter OAuth web flow, it prompts the user to ok your twitter app, then redirects them back to your callback url. Since this is a secure way to authenticate the user, you can look them up by their twitter ID in your DB and either register them or log them in.
I can’t figure out how this works with an iOS app because “logging in with Twitter” never hits your server. I have to make a separate request, but there’s no way to verify that request is coming from that user.
How can I have the user login with Twitter on iOS and securely log them in on my own server?