I'm trying to get the access_token of an user that just gave authorization to my twitter app. When I login, it works, but only remembers my access_token until I refresh or click on a button.
Code that I'm using:
require(__DIR__ . '/../../lib/data/twitter-login-api/autoload.php');
use Abraham\TwitterOAuth\TwitterOAuth;
$oauth_callback = OAUTH_CALLBACK;
$consumer_key = OAUTH_KEY;
$consumer_secret = OAUTH_SECRET;
//Do something if $_REQUEST occur and previous session is equal to current $_REQUEST
if (isset($_REQUEST['oauth_token']) && $_SESSION['oauth_token'] === $_REQUEST['oauth_token']) {
//Open first connection at callback
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
//Then verify your token
$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));
//Now you can save them
$_SESSION['new_session_for_oauth_token'] = $access_token['oauth_token'];
$_SESSION['new_session_for_oauth_token_secret'] = $access_token['oauth_token_secret'];
//You may also check it first
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['new_session_for_oauth_token'], $_SESSION['new_session_for_oauth_token_secret']);
$check = $connection->get("account/verify_credentials");
$username = $check->name;
//To echo your account's stat
echo '<p>' . $check->statuses_count . '</p>';
echo '<p>' . $check->friends_count . '</p>';
echo '<p>' . $check->followers_count . '</p>';
echo '<p>' . $check->favourites_count . '</p>';
//And finally unset previous sessions
unset($_SESSION['oauth_token']);
unset($_SESSION['oauth_token_secret']);
//this is the end of callback url
} else {
$connection = new TwitterOAuth($consumer_key, $consumer_secret);
$request_token = $connection->oauth('oauth/request_token', array("oauth_callback" => $oauth_callback));
$_SESSION['oauth_token'] = $request_token['oauth_token'];
$_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
$twitter_url = $connection->url("oauth/authorize", array("oauth_token" => $request_token['oauth_token']));
}
It logs me in one time and I receive the access_token and access_token_secret but I need them to stay in a session so that I can also use it after a page refresh or click on a button.
What am I doing wrong?
I thought it's happen because you were instantiating a "non-access-tokened" connection before you verifying the access token.
At the very beginning,
//Open first connection at callback
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
//Then verify your token
$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));
//Now you can save them
$_SESSION['new_session_for_oauth_token'] = $access_token['oauth_token'];
$_SESSION['new_session_for_oauth_token_secret'] = $access_token['oauth_token_secret'];
Another thing you should notice that, you do need to unset
previous token (before authorized) but of course after the authorizing phase has passed. And here, I added more expression better (on my sight) since you have only one page for "request" and "callback"
//Do something if $_REQUEST occur and previous session is equal to current $_REQUEST
if (isset($_REQUEST['oauth_token']) && $_SESSION['oauth_token'] === $_REQUEST['oauth_token']) {
//Open first connection at callback
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
//Then verify your token
$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $_REQUEST['oauth_verifier']));
//Now we overwrite previouse session with verified one
$_SESSION['oauth_token'] = $access_token['oauth_token'];
$_SESSION['oauth_token_secret'] = $access_token['oauth_token_secret'];
//You may also check it first
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $_SESSION['new_session_for_oauth_token'], $_SESSION['new_session_for_oauth_token_secret']);
$check = $connection->get("account/verify_credentials");
//To echo your account's stat
echo $check->statuses_count;
echo $check->friends_count;
echo $check->followers_count;
echo $check->favourites_count;
//And finally unset previous sessions
unset($_SESSION['oauth_token']);
unset($_SESSION['oauth_token_secret']);
//this is the end of callback url
} elseif (isset($_GET['twitter']) && $_GET['twitter'] === 'login') {
//Request a token aka login
$connection = new TwitterOAuth($consumer_key, $consumer_secret);
$request_token = $connection->oauth('oauth/request_token', array("oauth_callback" => $oauth_callback));
$_SESSION['oauth_token'] = $request_token['oauth_token'];
$_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
$twitter_url = $connection->url("oauth/authorize", array("oauth_token" => $request_token['oauth_token']));
} elseif (isset($_GET['twitter']) && $_GET['twitter'] === 'logout') {
//Destroy the session aka logout
unset($_SESSION['oauth_token']);
unset($_SESSION['oauth_token_secret']);
$url = parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
header("location: {$url}");
exit();
}
//Before or after this snippet is HTML part
Now, in your HTML part, if you're going to login to Twitter, go to example.org/page.php?twitter=login
. You can also do logging out by example.org/page.php?twitter=logout
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.