Validating digits session on server side to build secure apps

Digits is a  service from twitter which helps you onboard your mobile app users with simple phone number authentication and it’s for free 🙂

If you have a mobile app that onboard the user using digits service and you want to validate the session generated by digits on your server side then this blog is for you.

The app communicates with the server using REST APIs. Send the token and secret generated by the twitter to the server using the REST API. Twitter provides verify credentials API to validate the sessions generated by Digits at the server side.

Dive into the server side component developed using node.js
Fill in all the details related to digits.
var token = "";
var token_secret = "";
var consumer_key = "";
var consumer_secret = "";
var oauth =
{
consumer_key: consumer_key
, consumer_secret: consumer_secret
, token: token
, token_secret: token_secret
};

Make the verify_credentials API call to validate the session information.
function callback(error, response, body) {
if (!error && response.statusCode == 200) {
console.log("success");
} else {
console.log("error: ", error);
}
}
var request = require('request');
var url = "https://api.twitter.com/1.1/account/verify_credentials.json";
request.get({ url: url, oauth: oauth }, callback);

Note: I have used request package to make the HTTP requests from the server.

Advertisements