Hi friends,

I have integrated Twitter in my app, but I am not able to log out the session of the user. For logging in I am using http://%@@twitter.com/statuses/update.xml
and passing the username and password in the URL. Inside the body I pass the string that needs to be updated, and it's working fine.

Now, for logging out they have a request called http://twitter.com/account/end_session
and it is said that we need to use a POST request. But I am not able to work out what we have to pass in the body and header so that Twitter knows which user has requested the logout.

Below is the link to the documentation, but I didn't succeed with this.
http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-account%C2%A0end_session

Waiting for reply

Thanks in advance

+2  A: 

When you are posting to statuses/update.xml using the method you described, you are not logging in, you are simply updating the user’s status and passing the user name and password with the request. As you are not logging in, there is no session and no need to log out. This is good, because it’s easy, and it’s bad, because it’s insecure – you’re passing the password openly. Read the documentation about authentication. The authentication method you’re using right now is called “Basic Auth” there.

You can look at how your post looks in the HTTP request:

```
$ nc -l 1234
$ curl -d "Status update" http://user:passwd@localhost:1234
```

The output from netcat looks like this:

```
POST / HTTP/1.1
Authorization: Basic dXNlcjpwYXNzd2Q=
Host: localhost:1234
Accept: */*
Content-Length: 13
Content-Type: application/x-www-form-urlencoded

Status update
```

The Authorization line is the “Basic Auth” as described by the Twitter API docs and Wikipedia.

zoul
The below text `$ nc -l 1234` `$ curl -d "Status update" http://user:passwd@localhost:1234` should be passed in the body?
Ekra
Sorry, that apparently did more harm than good. That code does not belong in the body – it’s just a bunch of Unix commands to see what’s going on when you post to the `statuses/update.xml` URL.
zoul
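Added example, not part of the thread or of any poster's code: it parses the request netcat captured in the answer above and decodes the `Authorization: Basic` value, showing that the header is only base64-encoded `user:password` and is readable by anyone who sees the plain-HTTP request. The function names and the embedded request string are assumptions constructed for this illustration.

```python
import base64
import binascii

# Constructed sample: the request netcat printed in the answer above.
CAPTURED = (
    "POST / HTTP/1.1\r\n"
    "Authorization: Basic dXNlcjpwYXNzd2Q=\r\n"
    "Host: localhost:1234\r\n"
    "Accept: */*\r\n"
    "Content-Length: 13\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "Status update"
)

def parse_headers(raw):
    """Return (request_line, headers with lower-cased names, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body

def basic_credentials(raw):
    """Decode a Basic Auth header; return (user, password) or None."""
    _, headers, _ = parse_headers(raw)
    scheme, _, token = headers.get("authorization", "").partition(" ")
    if scheme.lower() != "basic" or not token:
        return None  # no header, or a different scheme
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None  # malformed token
    # Split on the first colon only: a password may itself contain colons.
    user, sep, password = decoded.partition(":")
    return (user, password) if sep else None

if __name__ == "__main__":
    print(basic_credentials(CAPTURED))
```

Every request carries the same header, so there is no server-side session to end; the credentials are simply resent each time.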
A: 

But once I post my request to Twitter, if I now change the password and send the request again, it should show me authentication failed, but instead it allows me to post the request with the wrong password. That means it is storing the session somewhere and not checking the password the second time.

But if the username is changed, it works properly.

Ekra
You should use the comment section and not the answers section for such clarifications.
Till
This should be a comment, not an answer. There could be a grace period before the password change gets propagated to the server that handles the API access. I’m not sure about this, I don’t know Twitter, but it sounds a bit more probable than some “implicit session” created by the code you posted.
zoul