Great you working on Twitter login! I have implemented the same thing, but am really glad that you guys are working at it too. One thing I found out today is that because it is so easy to create a Twitter account, it is now also easy to spam a site that implements Twitter login.

We have put a CAPTCHA module in place for all users for new comments/nodes. Perhaps this is a good idea to mention to others as well, as the authentication of users now happens outside the realm of Drupal and thus the user is to be trusted less (or is this an erroneous assumption?). Another suggestion would be to require users to fill out a CAPTCHA once they have become a user (first time they login on a drupal site through twitter).

Eelke

Comments

steinmb’s picture

steinmb commented
Status: Active » Fixed

No longer an issue with OAuth. The twitter account need to be added to an Drupal site to login.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.