johnnietheblack
Reputation: 13340
How to make a well-formed request token?
I am creating an OAuth login for my web app, and I am looking for the most air-tight and efficient way to create / store a request_token. As I understand, it will need to:
- be totally unique
- be time limited
What's the best way to create a unique token, and how should I store it (example, what would the table look like?)
Upvotes: 0
Views: 245
Answers (2)
zerkms
Reputation: 255005
md5(uniqid('', true));+ uniqie index +char(32)as a column is good enough.- No, it isn't supposed to be time limited. Look at twitter, for example - they have unlimited tokens. This behaviour depends on your API requirements and nature. An opposit to twitter is facebook - their tokens live for about 30-60minutes, afaik.
Upvotes: 1
Brian Lyttle
Reputation: 14579
You are probably best using an existing framework like oauth-php. It has client and server examples which you can reuse. It support various databases including MySQL. The MySQL schema can be browsed.
Upvotes: 1
Related Questions
- OAuth2 Token PHP
- How to create unique tokens correctly in php?
- How to generate a signature for OAuth
- Gotomeeting php api(oauth) implementation
- generate php access token
- token based authentication in php
- Simple token-like authentication
- Build an OAuth request for use with CURL in PHP
- API with tokens
- OAuth authorization - Establishing a requestToken