I’ve been working on implementing “sign in with your Twitter account” functionality for a website, I’m able to authenticate successfully, but I have a problem.
After the user has authorized my site to access his/her account, if the user is not logged in to my site, but is logged in to Twitter, how do I authenticate them when they click the sign in with Twitter button? I don’t want to redirect them to Twitter again to re-authenticate, and I don’t want to prompt them again to authorize my site…
I do have their tokens stored in my internal user database, but I currently do not know which to use as my site has no idea who the visitor is.
Is it possible to authenticate them on my site without re-prompting them on Twitter?
