CODEWITHSUNDEEP
phptwitteryii
scriptkiddie
scriptkiddie

Reputation: 605

hybridauth : how to authenticate twitter user in yii framework

I am following a tutorial from http://www.yiiframework.com/wiki/459/integrating-hybridauth-directly-into-yii-without-an-extension/

I included twitter login,

the problem is twitter is not returning email address

Hybrid_User_Profile Object ( [identifier] => 2378654169 [webSiteURL] => https://tisthedomainname.co/tpAnZH2BGe [profileURL] => http://twitter.com/myhjghj [photoURL] => http://pbs.twimg.com/profile_images/639065265478965088/8zty_o1K.png [displayName] => myhjghj [description] => some text was here - https://tisthedomainname.co/0yuxRheYVD [firstName] => myhjghj [lastName] => [gender] => [language] => [age] => [birthDay] => [birthMonth] => [birthYear] => [email] => [emailVerified] => [phone] => [address] => [country] => [region] => United Kingdom [city] => [zip] => )

and in this url https://dev.twitter.com/rest/reference/get/account/verify_credentials (and also tell me how to use this url and when to use) it is mentioned that

"If the user does not have an email address on their account, or if the email address is un-verified, null will be returned."

for facebook and google I am using the email address to login 

public function login()
{
    $this->username = $this->userProfile->email;  //CUserIdentity
    Yii::app()->user->login($this, 0);
}

So How do I login the user if the user doesn't have email id in twitter?

Upvotes: 1

Views: 132

Answers (1)

Andy Theos
Andy Theos

Reputation: 3346

You can take a look in sourcecode of existing auth mechanisms, and take approaches from there.

For example: https://github.com/SleepWalker/hoauth. Here is how he explains his approach:

When you planning to use social networks like Twitter, that returns no email from user profile, you should declare verifyPassword($password) or validatePassword($password) method in User model, that should take the password (not hash) and return true if it is valid.

You can also declare the sendActivationMail() method, that should mark the user account as inactive and send the mail for activation. This method, when it's exists will be used for social networks like Twitter, that give us no data about user's email (because we need to proof that user entered the right email).

Take a look and implement as you want to.

Upvotes: 1

Related Questions