Implementing sign in with Twitter

This is a quick way to create your own users stack and also very convenient for people who already have a Twitter account. Like most folks, I hate to re-enter my user details and have yet another password to remember for every new web app. So this is definitely a plus for me.

https://dev.twitter.com/docs/auth/implementing-sign-twitter

Step 1: Obtaining a request token

To start a sign in flow, your application must obtain a request token by sending a signed message to POST oauth/request_token. 

Step 2: Redirecting the user

The next step is to direct the user to Twitter so that they may complete the appropriate flow, as described in Browser sign in flow. Direct the user to GET oauth/authenticate, and the request token obtained in step 1 should be passed as the oauth_token parameter.

The most seamless way for a website to implement this would be to issue a HTTP 302 redirect as the response to the original "sign in" request. Mobile and desktop apps should open a new browser window or direct to the URL via an embedded web view.

Step 3: Converting the request token to an access token

To render the request token into a usable access token, your application must make a request to the POST oauth/access_token endpoint, containing the oauth_verifier value obtained in step 2. The request token is also passed in the oauth_token portion of the header, but this will have been added by the signing process.

A successful response contains the oauth_token, oauth_token_secret parameters. The token and token secret should be stored and used for future authenticated requests to the Twitter API. To determine the identity of the user, useGET account/verify_credentials.