Grow your CSS skills. Land your dream job.

Login with Twitter (Kirby)

  • # January 9, 2013 at 10:44 pm

    Issue:

    I’m having trouble trying to figure out how Bastian (Kirby Author) is creating the “Login with Twitter” functionality and integrating it into Kirby. What I’m trying to do is create a blog and use that for my comment section.

    What I know:

    I know that he is using Opauth but not sure if he’s integrating that with his current auth plugin. From the looks of his URL’s when logging in and out, I believe he is.

    Additionally, someone suggested to use Disqus. The problem with that is that I wouldn’t be able to control the UI of the comment form and it’s really not what I prefer.

    If you’d like to test this and have a Twitter account, you can go to the forum. I’d love any insight or help trying to solve this.

    # January 10, 2013 at 3:39 am

    Couldn’t his URLs just be redirects?

    Have a look at this:

    https://dev.twitter.com/docs/auth/implementing-sign-twitter

    You’d probably need to develop your own plugin for this, but it doesn’t look too challenging. Twitter links to some libraries that might be useful:

    https://dev.twitter.com/docs/twitter-libraries#php

    # January 10, 2013 at 8:59 am

    @BenWalker Possibly.

    `/auth/do:lougout` – Not sure how he’s doing this.

    I’ll take a look at those links you provided. Thanks for the insight.

    # January 10, 2013 at 3:46 pm

    `do:logout` is an internal thing; he’s just “forgetting” your login, it has nothing to do with twitter.

    # January 10, 2013 at 7:58 pm

    @traq I just read up on a way to go about that somewhat except the code was something like `if $do = “logout”`

    # January 10, 2013 at 9:39 pm

    yeah, it’s the same idea. He’s just parsing the URL instead of using a query string.

    You can see what he’s doing in `./kirby/lib/uri.php`.
    You can access those params like
    `$someParam = $site->uri()->param( $key );`

    So, in this case, you’d do:

    if( $site->uri()->param( ‘do’ ) == ‘logout’ ){
    /* logout */
    }

    The query string approach (`?do=logout`) will still work, of course.

    # January 10, 2013 at 10:01 pm

    After doing some research, I think I’m making this more complicated than it actually is.

    Process:

    User clicks login

    User gets redirected or popup (preferable) to allow access to their information.

    Twitter API grabs their information

    Somehow I store those credentials (username, possibly email and profile image) so the user doesn’t have to accept access every time…or something like that.

    Then, just use php to echo out those credentials (minus email).

    @traq Thanks for clearing that up. Makes better sense than what I was imagining.

    # January 10, 2013 at 11:17 pm

    before you redirect the user, you need to POST to twitter to get an oauth request token.

    > Somehow I store those credentials (username, possibly email and profile image) so the user doesn’t have to accept access every time…or something like that.

    Twitter returns a userID and a screen name. You’d typically store them in the session.

    You might be interested in [Andy Smith's OAuth class](http://oauth.googlecode.com/svn/code/php/). I’ve never done this myself, but [this seems to be a good tutorial](http://www.jondev.net/articles/Using_OAuth_with_Twitter_-_PHP_Example).

    # January 10, 2013 at 11:41 pm

    @traq What if the user clears their browser’s data (cookies, etc), wouldn’t they have to go through the whole process over again?

    # January 11, 2013 at 12:28 am

    yes; but that’s true of any* website login.

    **meaning, of course, “any cookie-based website login.”

    In practice, this covers just about all of them, Twitter included.*

    In fact, if the user intentionally clears their browser’s data, I think it’s safe to assume that they *want* you to forget they were logged in.

    # January 11, 2013 at 12:47 am

    @traq Touché.

    # January 11, 2013 at 8:54 pm

    I started working with Opauth but I’m not sure how to set the `DocumentRoot`.

    See here: http://cloud.chrisburton.me/M7qv

    I’m also getting this error: http://cloud.chrisburton.me/M7xB

    Line 125 can be found here: http://codepad.org/czuCGZvU

    # January 11, 2013 at 11:26 pm

    > I started working with Opauth but I’m not sure how to set the DocumentRoot.

    I think it’s just telling you that the example needs to be in your doc root (i.e., that’s just how the demo is set up to run; so it needs to be in your website’s root). Not “for sure” though, I’ve never used OAuth.

    > I’m also getting this error: http://cloud.chrisburton.me/M7xB

    How are you arriving at that error? “Strategy” refers to “which service you want to use for authentication,” such as Twitter or FB. Your problem might be as simple as trying to sign in at `/auth` instead of `/auth/twitter` (or FB, etc., whichever)…?

    # January 12, 2013 at 12:17 am

    @traq

    > I think it’s just telling you that the example needs to be in your doc root (i.e., that’s just how the demo is set up to run; so it needs to be in your website’s root). Not “for sure” though, I’ve never used OAuth.

    But the problem is that I have other files there that may conflict. This is what is confusing to me.

    > How are you arriving at that error? “Strategy” refers to “which service you want to use for authentication,” such as Twitter or FB. Your problem might be as simple as trying to sign in at /auth instead of /auth/twitter (or FB, etc., whichever)…?

    I downloaded the whole thing from http://opauth.org. It seems that what I downloaded from the site is a bit different than this: https://github.com/uzyn/opauth. I’ll download what’s on github and try again.

    # January 12, 2013 at 12:23 am

    @chrisburton

    > But the problem is that I have other files there that may conflict. This is what is confusing to me.

    Yeah, I think the demo is meant to be run in isolation – just for you to get familiar with using it. I don’t think it’s meant to be used “out of the box” on a live site.

    do you have a local server set up where you can try it out? Otherwise, you’d probably have to go through the files and change all of the URLs to match wherever you upload it. That might not be a bad idea, since you’ll have to do this anyway to use it on your site.

    I’ll look at the script and lend you any insights. : )

Viewing 15 posts - 1 through 15 (of 56 total)

You must be logged in to reply to this topic.

*May or may not contain any actual "CSS" or "Tricks".