Twitter - Already have OAuth database, how do I know who the user is?

Question

I've already got a database set up with a table that is successfully populated with the final (permanent?) OAuth User Token and OAuth User Secret. The thing I don't understand is how I'm supposed to know what the current user's ID is, especially when it's been 2 weeks since their last login. My app is authorized by all of its users, so theoretically Twitter can look at the list of authorized apps for the current user and share the Twitter User ID, right? Isn't there some good way of requesting (on behalf of the current user) what his ID is? I feel like the temporary tokens should be able to facilitate this somehow... If it helps, every user in my app is just a Twitter account with some extra info. I'm just looking for the best way to utilize the tokens and secrets that are in my database...

I'm using PHP (libraries: Codebird-PHP & tmhOAuth) so if you could show an example in PHP that'd be nice, but really I just want to know how I'm supposed to use this information that I'm storing.

Thanks!

Answer 1

I'm assuming you store the data together with some username or user id that identifies the users of your website and links them to their proper twitter id. In order to get the basic info of your user, after authorization, you have to use the endpoint https://api.twitter.com/1.1/account/verify_credentials.json with a GET. The documentation for the 1.1 API can be found here.

This returns an array. You find the username uder "screen_name" and the user id under "id" or "id_string".

The question is a possible duplicate of Get current user's info from Twitter API, but I've added an answer because that discussion points to the deprecated API. The code you find there, nevertheless, is still useful (it appears to use Abraham William's library, but the steps are basically the same). Replace the classes and functions with those you have in Matt Harris' library. I don't know codebird, sorry!

EDIT: I am also providing a code sample (tested and working, although I have issues with tmhOAuth, so I use it occasionally only for myself. I have noticed that, when I try to post, it sometimes returns some weird error codes and I can't figure out why):

      // Authentication page, with button. You have already connected to your database

        $mywebsiteuser = $_SESSION['website_user_id'];
        $query= "SELECT * FROM `table_where_you_store_twitter` WHERE website_user_id ='$mywebsiteuser'";
        $sql= $mysqli->query($query) or die($mysqli->error.__LINE__); // or whatever else to check is the query fails.
        if ($sql->num_rows != 0){

        //etc. retrieve data and set the sessions.


       // already got some credentials stored? 
    if ( isset($_SESSION['access_token']) ) {
      $tmhOAuth->config['user_token']  = $_SESSION['access_token']['oauth_token'];
      $tmhOAuth->config['user_secret'] = $_SESSION['access_token']['oauth_token_secret'];

      $code = $tmhOAuth->request('GET', $tmhOAuth->url('1/account/verify_credentials'));
      if ($code == 200) {
        $resp = json_decode($tmhOAuth->response['response']);
        echo $resp->screen_name;
        echo  $resp->id;
//Etc. Instead of printing them you it's a good idea to store them in the db.
      } else {
        outputError($tmhOAuth);
      }
    // we're being called back by Twitter
    } elseif (isset($_REQUEST['oauth_verifier'])) {
      $tmhOAuth->config['user_token']  = $_SESSION['oauth']['oauth_token'];
      $tmhOAuth->config['user_secret'] = $_SESSION['oauth']['oauth_token_secret'];

      $code = $tmhOAuth->request('POST', $tmhOAuth->url('oauth/access_token', ''), array(
        'oauth_verifier' => $_REQUEST['oauth_verifier']
      ));

      if ($code == 200) {
    //etc.

Anyhow, all in all, in order to get the info of a user you need them to authorize your app first. I check if I have something from my user with the user's session variables on my website, not through twitter. If I have nothing stored, I ask them to authorize the app. I hope this helps.

Answer 2

Access Token : 1274865264-QiVY50RGnmJz6AU9IPRxxiXfv4DYqo0nj6wg8hS

Access Token Secret : fZQnHSuSpwARicIdLqkqQLy1JeG9LxrbNIRKypWcGR

First part of Access Token is user id