Skip to main content

Authentication by Mentioning using Twitter

Conventional method of authentication is to send an email with a link back to a user. You can achieve the same result with Twitter. You don't have to ask your user for an email address anymore. Your user will have one less worry that she will be spammed by email. With this method you don't have to ask for your user Twitter password. And you don't have to register your application to the Twitter's OAuth. The method is called authentication by mentioning. However, your user need to have a Twitter account.

How does the method works? Prepare a short text and ask your user to tweet it and do not tweet anything else until the process is complete. She will have to inform your application that she has already tweeted the text. Your application will then verify that the user has indeed tweeted the text by reading it through Twitter's API. It is as simple as that. Your application needs to know your user's Twitter name to do so. Your user have to sign in to Twitter before she can tweet. You can be sure that the tweet is not done by somebody else. Tweeting is an act of mentioning. And verifying the tweeted text is an act of authentication. Hence, the term authentication by mentioning.

Your user may be reluctant to tweet the given text. So, you may need to give her a selection of text to choose from. The choices depend on the type of your application. It will be easier if your application itself is to do with tweeting. A step further, you may be able to add advertisement in the text and make extra money from the process!

Comments

Post a Comment

Popular posts from this blog

Setting Up PyScripter for Quantum GIS

PyScripter is a general purpose Python Integrated Development Environment (IDE). Quantum GIS (QGIS) is a desktop GIS application that can be extended with Python plugins. Both are open source softwares. We intend to use PyScripter as an IDE to build QGIS Python plugin. We are using PyScripter 2.4.1.0 and QGIS 1.6.0 in Windows. PyScripter does not come with Python. On the other hand, QGIS is built in with Python. Thus, we will setup up PyScripter to use the build in Python in QGIS. We assume both PyScripter and QGIS are already installed. Preparing PyScripter batch file We assume that QGIS is installed in C:\OSGeo4W\ folder and PyScripter is installed in C:\Program Files\PyScripter\ . 1. Copy qgis.bat in C:\OSGeo4W\ bin to pyscripter.bat 2. Edit pyscripter.bat to remove the last line that read something like this start "Quantum GIS" /B "%OSGEO4W_ROOT%"\apps\qgis\bin\qgis.exe %* and replace it with this in one line Start "PyScripter" /B "C:\Progr...
8 comments
Read more

Access Control

Access control is about controlling user flow within your application. Do not mistaken access control with security which is a bigger subject in itself. Access control begins by authenticating user and limit his or her activity in your application. An activity is something like creating, updating or deleting a content. There are always finite number of activities that can be done in a given application. Each user can be assigned to a set of activities that he or she is allowed to do. Access control is usually tied to session management. However, you do not need session management to have access control. When a user log in, a session is created so that the user is remembered for the subsequent access. Otherwise the user has to keep on providing his or her credential for each access. We can also keep a list of activities that the user is allowed to do in the session record. Some applications let the session alive indefinitely and some applications time out user after a duration of inacti...
Post a Comment
Read more

Separation of Front-end and Back-end Concerns

Separation of concerns is the cornerstone of MVC framework. Model, view and controller are three broad concerns of web-based software development. On its early days MVC was implemented on server side. The server renders views for clients. Nowadays, most clients render views themselves. Even the terminology of client-server has already morphed into front-end and back-end . The need for back-end to handle views is diminishing. View concerns have became increasingly complex with two big sub-concerns of aesthetic and dynamics. Front-end evolves into bigger MVC concerns of itself. While back-end evolves into larger modeling concerns. Now, front-end and back-end are two separate concerns. Front-end and back-end are handled by two different teams of software developers with different specialties. Back-end evolves into something like "dinner can be served even without plates, forks and spoons, without table and chairs, and without a dinning room." Front-end is serving the withouts....
Post a Comment
Read more