OAuth Sign-on Sharing Tokens



I’ve built an app that allows users to send Direct Messages at scheduled times. At the moment, the user creates their DM on a secure PHP/MySQL website, and their consumer/access tokens are stored on the SQL server.
Then, a Python script gets the direct message, then uses the user’s API tokens to send the direct message.

That’s fine for the moment, however I’d like to implement a ‘Sign on with Twitter’ utility (much like Buffer, Hootsuite etc), so that the user doesn’t have to generate their own API keys, change permissions to “Read, Write & Direct Messages” and so on.

I’m aware that there is OAuth and different types of application permissions, but can someone tell me which one I should be looking to use? I’ve been reading the documentation, and I can’t find anything regarding OAuth and Direct Messages.
Additionally, would an OAuth signup work with my setup? I.e., tokens stored on the SQL server, then accessed via the Python script? Essentially, I want to eliminate the need for users to have to create an app, generate tokens, allow direct messages, and so on.

Any help would be massively appreciated!