Validating digits session on server side to build secure apps

Digits is a  service from twitter which helps you onboard your mobile app users with simple phone number authentication and it’s for free 🙂

If you have a mobile app that onboard the user using digits service and you want to validate the session generated by digits on your server side then this blog is for you.

The app communicates with the server using REST APIs. Send the token and secret generated by the twitter to the server using the REST API. Twitter provides verify credentials API to validate the sessions generated by Digits at the server side.

Dive into the server side component developed using node.js
Fill in all the details related to digits.
var token = "";
var token_secret = "";
var consumer_key = "";
var consumer_secret = "";
var oauth =
{
consumer_key: consumer_key
, consumer_secret: consumer_secret
, token: token
, token_secret: token_secret
};

Make the verify_credentials API call to validate the session information.
function callback(error, response, body) {
if (!error && response.statusCode == 200) {
console.log("success");
} else {
console.log("error: ", error);
}
}
var request = require('request');
var url = "https://api.twitter.com/1.1/account/verify_credentials.json";
request.get({ url: url, oauth: oauth }, callback);

Note: I have used request package to make the HTTP requests from the server.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s