Twitter recommends that the majority of developers start to think about migrating to v2 of the API

Overview

Passport-Twitter2.0 with PKCE

This package is a Passport strategy for authenticating with Twitter using the OAuth 2.0 API.

By plugging into Passport, Twitter authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Installation

$ npm install passport-twitter-oauth2.0

Usage

Please note that Twitter requires clients to use PKCE (RFC 7636) when authenticating with OAuth 2.0. When using PKCE with Passport, sessions must be enabled, because the PKCE code verifier and the state value are kept in the session between the authorization redirect and the callback. The options object passed to the strategy must also set pkce: true and state: true.

passport.use(
    new TwitterStrategy(
        {
            clientID: TWITTER_CLIENT_ID,
            clientSecret: TWITTER_CLIENT_SECRET,
            callbackURL: YOUR_CALLBACK_URL,
            clientType: "public", // "public" or "private"
            pkce: true, // required
            state: true, // required
        },
        // Verify callback: map the Twitter profile to a local user record.
        function (accessToken, refreshToken, profile, done) {
            User.findOrCreate({ twitterId: profile.id }, function (err, user) {
                return done(err, user);
            });
        }
    )
);
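
The PKCE exchange that the pkce and state options turn on, written out as an added example (not code from this package or from Passport): the S256 challenge from RFC 7636, the check the authorization server applies to the token request, and the state check on the callback. The `session` object and its `codeVerifier` and `state` keys are hypothetical names for whatever session storage the application uses.

```javascript
// Added example, not part of passport-twitter-oauth2.0.
const crypto = require("crypto");

// RFC 7636 uses base64url without padding for verifier and challenge.
function base64url(buf) {
    return buf.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// code_verifier: 32 random bytes, which encode to 43 unreserved characters.
function createVerifier() {
    return base64url(crypto.randomBytes(32));
}

// code_challenge = BASE64URL(SHA256(ASCII(code_verifier))), method S256.
function challengeFor(verifier) {
    return base64url(crypto.createHash("sha256").update(verifier, "ascii").digest());
}

// Constant-time string comparison that tolerates different lengths.
function safeEqual(a, b) {
    const x = Buffer.from(String(a));
    const y = Buffer.from(String(b));
    return x.length === y.length && crypto.timingSafeEqual(x, y);
}

// Client, before redirecting: keep verifier and state in the session
// (hypothetical keys) and send only the challenge and the state.
function authorizationParams(session) {
    session.codeVerifier = createVerifier();
    session.state = base64url(crypto.randomBytes(16));
    return {
        response_type: "code",
        code_challenge: challengeFor(session.codeVerifier),
        code_challenge_method: "S256",
        state: session.state,
    };
}

// Client, on the callback: a missing or mismatched state means the response
// does not belong to this session, so the code must not be redeemed.
function callbackAccepted(session, query) {
    return Boolean(session.state) && safeEqual(session.state, query.state || "");
}

// Authorization server, on the token request: the presented verifier must be
// well formed and hash to the challenge stored with the authorization code.
function verifierMatches(storedChallenge, presentedVerifier) {
    if (!/^[A-Za-z0-9\-._~]{43,128}$/.test(presentedVerifier)) return false;
    return safeEqual(storedChallenge, challengeFor(presentedVerifier));
}
```

An authorization code intercepted on the redirect cannot be redeemed without the verifier, which never leaves the session that started the flow.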

Authenticate Requests

Use passport.authenticate(), specifying the 'twitter' strategy, to authenticate requests.

For example, as route middleware in an Express application:

app.get(
    "/auth/twitter",
    passport.authenticate("twitter", { scope: ["offline.access"] })
);

app.get(
    "/auth/twitter/callback",
    passport.authenticate("twitter", { failureRedirect: "/login" }),
    function (req, res) {
        // Successful authentication, redirect home.
        res.redirect("/");
    }
);

Credits

License

The MIT License

Comments
  • 403 Forbidden when attempting to fetch user profile

    Thanks for the great work here. I was trying to implement the strategy myself and got a little stuck. This library got me to the point of getting the access token to make requests, but now I can't get past:

     oauthError: {
       statusCode: 403,
         data: '{\n' +
           '  "title": "Forbidden",\n' +
           '  "type": "about:blank",\n' +
           '  "status": 403,\n' +
          '  "detail": "Forbidden"\n' +
       }
     }
    

    I've tried a variety of options for the strategy up to and including the defaults you've provided.

    opened by nbrady-techempower 10
  • Incorrect generated authorization header with private client type

    Thank you for writing this passport.

    I've noticed that the generated Authorization header is not working as expected.

    const base64url = require('base64url');
    
    const username = 'user';
    const password = 'password';
    
    console.log('Basic ' + base64url(`${username}:${password}`)); // Method implemented in this passport.
    console.log('Basic ' + Buffer.from(`${username}:${password}`).toString('base64'));
    

    Notice that the generated authorization header is different. Is this intentional or am I missing something? Thank you.

    opened by junwen-k 2
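
Why the two lines in the issue above print different values, as an added example (not code from this package): the HTTP Basic scheme (RFC 7617) uses standard Base64 with padding, while base64url swaps `+` and `/` for `-` and `_` and drops the `=` padding. `parseBasicStrict` is a hypothetical strict server-side parser and the form-encoding step follows RFC 6749 section 2.3.1; whether a given server tolerates the base64url form is not stated on this page.

```javascript
// Added example, not part of passport-twitter-oauth2.0.

// application/x-www-form-urlencoded encoding of one value (RFC 6749, 2.3.1).
function formEncode(value) {
    return encodeURIComponent(value)
        .replace(/[!'()*]/g, (c) => "%" + c.charCodeAt(0).toString(16).toUpperCase())
        .replace(/%20/g, "+");
}

// Standard Base64 with padding, as the Basic scheme (RFC 7617) specifies.
function basicHeader(clientId, clientSecret) {
    const pair = formEncode(clientId) + ":" + formEncode(clientSecret);
    return "Basic " + Buffer.from(pair, "utf8").toString("base64");
}

// The variant from the issue: same bytes, base64url alphabet, no padding.
function base64urlHeader(clientId, clientSecret) {
    return basicHeader(clientId, clientSecret)
        .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// Server-side parser that accepts only canonical standard Base64.
// Returns { clientId, clientSecret } or null.
function parseBasicStrict(header) {
    const m = /^Basic ([A-Za-z0-9+/]+={0,2})$/.exec(header);
    if (!m || m[1].length % 4 !== 0) return null;
    const decoded = Buffer.from(m[1], "base64");
    if (decoded.toString("base64") !== m[1]) return null; // non-canonical input
    const text = decoded.toString("utf8");
    const colon = text.indexOf(":");
    if (colon < 0) return null;
    const formDecode = (s) => decodeURIComponent(s.replace(/\+/g, " "));
    try {
        return {
            clientId: formDecode(text.slice(0, colon)),
            clientSecret: formDecode(text.slice(colon + 1)),
        };
    } catch (e) {
        return null; // malformed percent-encoding
    }
}
```

The two encodings agree only when the encoded length is a multiple of four characters and the output contains neither `+` nor `/`, so a client that works with one set of credentials can fail with another.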