twitter-api-typescript-sdk icon indicating copy to clipboard operation
twitter-api-typescript-sdk copied to clipboard
verified publisher icon xdevplatform

How to identify user between /login and /callback

Open feresr opened this issue 2 years ago • 2 comments

From the example, it is not clear how an user can be matched between the '/login' and '/callback' method calls

Expected behavior

A realistic example where the 'client' object is not static at the server scope. https://github.com/twitterdev/twitter-api-typescript-sdk/blob/0d12a20a76d6dd9c346decf9cc80bc611975d43f/examples/oauth2-callback_pkce_s256.ts#L39C2-L39C25

Actual behavior

The example uses a global 'client' and only deals with authenticating one user. A real server state is shared between multiple clients. It is not clear how we can identify a user in the ''/callback' endpoint.

feresr avatar Nov 23 '23 14:11 feresr

I tried a few things to get OAuth2User from /login across to /callback (stateless functions)

Just creating a new User with the same settings won't work because code_verifier gets assigned on generateAuthURL() (which is called in /login)

What is more, OAuth2User is not serializable, do I need a way to share memory between API endpoints in NextJS? Is that possible?

feresr avatar Nov 24 '23 23:11 feresr