Drop-in login functionality for your webapp
Mount this Rack endpoint in your web application to enable user logins through Twitter.
How to use
First, register a new Twitter application (if you haven't already). Check the "Yes, use Twitter for login" option. You can put anything as "Callback URL" since the real callback URL is provided dynamically, anyway. Note down your OAuth consumer key and secret.
You have to require 'twitter/login' in your app. If you're using Bundler:
## Gemfile gem 'twitter-login', '~> 0.4.1', :require => 'twitter/login'
Now mount the Rack endpoint in your application. In Rails 3 this would be:
## application.rb: config.twitter_login = ::. \ :consumer_key => 'CONSUMER_KEY', :secret => 'SECRET' ## routes.rb twitter = YourApp::Application.config.twitter_login twitter_endpoint = twitter.login_handler(:return_to => '/') mount twitter_endpoint => 'login', :as => :login ## application_controller.rb include :::: def logged_in? !!session[:twitter_user] end helper_method :logged_in?
Fill in the
:secret placeholders with real values. You're done.
It is less trivial to mount a Rack endpoint in Rails 2 or Sinatra. This library was once Rack middleware, and if you prefer to use that, install the 0.3.x version and check out the "middleware-0.3" branch.
What it does
The user will first get redirected to Twitter to approve your application. After that he or she is redirected back to your app with an OAuth verifier GET parameter. Then, the authenticating user is identified, this info is saved to session and the user is sent back to the root path of your website.
Available options for
:consumer_key-- OAuth consumer key (required)
:secret-- OAuth secret (required)
:site-- the API endpoint that is used (default: "http://api.twitter.com")
:return_to-- where user goes after login (default: "/")
Twitter::Login::Helpers module (for Sinatra, Rails) adds these methods to your app:
twitter_user(Hashie::Mash) -- Info about authenticated user. Check this object to know whether there is a currently logged-in user. Access user data like
twitter_logout-- Erases info about Twitter login from session, effectively logging-out the Twitter user
twitter_client(OAuth::AccessToken) -- A consumer token able to query the API, e.g.