Menu Close


login-with-twitter travis npm downloads javascript style guide

Login with Twitter. OAuth without the nonsense.


This module is designed to be the lightest possible wrapper on Twitter OAuth.

All this in < 100 lines of code.


npm install login-with-twitter


Set up two routes on your web sever. We’ll call them /twitter and
/twitter/callback, but they can be named anything.


Initialize this module with the consumer key and secret for your Twitter App you created with an Twitter Developer account.

const LoginWithTwitter = require('login-with-twitter') const tw = new LoginWithTwitter({ consumerKey: '<your consumer key>', consumerSecret: '<your consumer secret>', callbackUrl: '' })


Call login from your /twitter route, saving the OAuth tokenSecret to use later. In this example, we use the request session (using, for example, express-session).

app.get('/twitter', (req, res) => { tw.login((err, tokenSecret, url) => { if (err) { // Handle the error your way } // Save the OAuth token secret for use in your /twitter/callback route req.session.tokenSecret = tokenSecret // Redirect to the /twitter/callback route, with the OAuth responses as query params res.redirect(url) }) })


Then, call callback from your /twitter/callback route. The request will include oauth_token and oauth_verifier in the URL, accessible with req.query. Pass those into callback, along with the OAuth tokenSecret you saved in the login callback above, and a callback that handles a user object that this module will return.

app.get('/twitter/callback', (req, res) => { tw.callback({ oauth_token: req.query.oauth_token, oauth_verifier: req.query.oauth_verifier }, req.session.tokenSecret, (err, user) => { if (err) { // Handle the error your way } // Delete the tokenSecret securely delete req.session.tokenSecret // The user object contains 4 key/value pairs, which // you should store and use as you need, e.g. with your // own calls to Twitter's API, or a Twitter API module // like `twitter` or `twit`. // user = { // userId, // userName, // userToken, // userTokenSecret // } req.session.user = user // Redirect to whatever route that can handle your new Twitter login user details! res.redirect('/') }); });


If you want to implement logout, simply delete the user object stored in the session.

For more information, check out the implementation in index.js.


MIT. Copyright (c) Feross Aboukhadijeh.

View Source Code
Posted in Development