With oAuth 2.0 user is having to authenticate repeatedly

[paulfreeman]

This may be due to a programming error on my part, but there is a problem with our App retaining the signin via oAuth 2.0.

Each time the app starts it has to re-authent, i.e.: kicks out to the web browser and the auth page and then back to the app.

Is there anything we have to do regarding timeouts, preserving the login state to stop this happening?

[14lox]

I dealt with it myself, by saving the token and token secret after first authentication. Its not fully worked out yet, handling logout, expired tokens etc. but it solves the problem loading every app load.

@property (nonatomic, strong) NSString *storedOAuthToken;
@property (nonatomic, strong) NSString *storedOAuthTokenSecret;

- (void)viewDidLoad
{
    [super viewDidLoad];

    [TMAPIClient sharedInstance].OAuthConsumerKey = @"MY_CONSUMER_KEY";
    [TMAPIClient sharedInstance].OAuthConsumerSecret = @"MY_CONSUMER_SECRET";

    _storedOAuthToken = [[NSUserDefaults standardUserDefaults] valueForKey:@"token"];
    _storedOAuthTokenSecret = [[NSUserDefaults standardUserDefaults] valueForKey:@"token_secret"];

    if (_storedOAuthToken.length == 0 || _storedOAuthToken == nil)
    {
        // Not Authenticated - so do authentication.

        [[TMAPIClient sharedInstance] authenticate:@"APP_NAME" callback:^(NSError *error)
        {
            if (!error)
            {
                [[NSUserDefaults standardUserDefaults] setValue:[TMAPIClient sharedInstance].OAuthToken forKey:@"token"];
                [[NSUserDefaults standardUserDefaults] setValue:[TMAPIClient sharedInstance].OAuthTokenSecret forKey:@"token_secret"];

               [self getUserInfo];
               [self fetchFromTumblr];
           }
        }];
    }
    else
    {
        // Already authenticated

        [TMAPIClient sharedInstance].OAuthToken = _storedOAuthToken;
        [TMAPIClient sharedInstance].OAuthTokenSecret = _storedOAuthTokenSecret;

        [self getUserInfo];
        [self fetchFromTumblr];
    }
}

[14lox]

Also see: #8

[irace]

@paulfreeman - Yep, @14lox is correct, you are responsible for storing tokens yourself. I hope to change this at some point (see the aforementioned issue #8). It's also worth noting that this SDK currently uses OAuth 1, not OAuth 2, and your tokens will never expire.

I am going to close this issue since that one already exists.

[14lox]

One thing re: OAuth tokens - how do you properly deal with logging out one user and allowing another to log in? Would you just simply delete the tokens internally and then just go through the login process again?

[irace]

Yes, exactly.
Sent from my iPhone

On Fri, Apr 12, 2013 at 7:43 PM, Dai Hovey [email protected]
wrote:

One thing re: OAuth tokens - how do you properly deal with logging out one user and allowing another to log in? Would you just simply delete the tokens internally and then just go through the login process again?

Reply to this email directly or view it on GitHub:
#13 (comment)

[paulfreeman]

Thanks for the update