Rails - Using twitter oAuth for logging in users

Question

I use Twitter oAuth to allow users to signup for my site.

I have the user's access_token, access_secret from their signup stored.
When the user wants to return to the site and login to their account, how do I authenticate them using twitter login/password?

I do not want to ask users to give access like:
- give access to example.com to read/write your stuff on twitter

The user already has signed up using their twitter credentials, how do I reuse it instead of asking them to create a separate password?
I would rather not venture towards authlogic in addition to oauth

Currently, if the user is already logged into twitter, I can authenticate him. using the access_token, access_secret. What if he is not logged in? How do I prompt for username/password for twitter and authenticate for my app?

Thanks for your help.

Answer 1

Try using them OmniAuth gem. Makes doing that pretty straight forward.

If you're not wanting another gem dependency, you could probably code up your own functionality based on what they do with their twitter strategy and abstract oauth logic.

Answer 2

This RailsCasts episode demonstrates how to create a simple authentication system that only requires an OAuth verification, without the need for a seperate user account maintained by your app.