There is something else to consider in Twitter OAuth: the lifetime of the secret key associated with a Twitter account. The secret key never expires, which means that the Twitter app can keep a user connected for as long as needed.
So the trick is that once the user has authorized your application to perform status updates, you make a call to ‘http://twitter.com/account/verify_credentials.xml’ to retrieve the user’s screen name. All you have to do is call
to set the cookie in the user’s browser. If you want the user to be logged on for eternity (well, you can’t have a user connected for more than a year), set the timeout value to whatever you feel is right in the web.config file as follows:
<authentication mode="Forms">
  <forms loginUrl="YOUR_LOGIN_PAGE" timeout="2880"/>
</authentication>
The secret key will have to be saved somewhere (like a DB) so that it can be used when the user comes back to your website. Of course, there should be a Logout button somewhere on your website. When the user asks to log out, simply call
to have the cookie removed. Note: the next time the user wants to come back, he will have to go through the Twitter OAuth authorization process again, since that’s the only way your app will be able to authenticate the user.
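The two calls the post refers to did not survive on this page. The sketch below is an added example, not the author's code: it assumes ASP.NET Forms Authentication (FormsAuthentication.SetAuthCookie and FormsAuthentication.SignOut) and adds one step the post does not cover, encrypting the never-expiring secret with MachineKey.Protect before it is written to the database. ITokenStore, TwitterLoginService and the purpose string are hypothetical names.

```csharp
using System;
using System.Text;
using System.Web.Security;

// Hypothetical storage abstraction: back it with your own database table.
public interface ITokenStore
{
    void Save(string screenName, string accessToken, byte[] protectedSecret);
}

public class TwitterLoginService
{
    // Assumed purpose string: binds the ciphertext to this one use.
    private const string Purpose = "TwitterOAuth.TokenSecret";
    private readonly ITokenStore _store;

    public TwitterLoginService(ITokenStore store)
    {
        _store = store;
    }

    // Call once verify_credentials.xml has returned the user's screen name.
    public void SignIn(string screenName, string accessToken, string tokenSecret)
    {
        if (string.IsNullOrWhiteSpace(screenName))
            throw new ArgumentException("Screen name is required.", "screenName");

        // The secret never expires, so it is stored encrypted and authenticated
        // with the application's machine key rather than as plain text.
        byte[] protectedSecret =
            MachineKey.Protect(Encoding.UTF8.GetBytes(tokenSecret), Purpose);
        _store.Save(screenName, accessToken, protectedSecret);

        // Persistent cookie: its lifetime follows the timeout attribute
        // (in minutes) on the <forms> element in web.config.
        FormsAuthentication.SetAuthCookie(screenName, true);
    }

    // Recovers the secret when the user returns and a Twitter call must be signed.
    // Throws CryptographicException if the stored value was tampered with.
    public string UnprotectSecret(byte[] protectedSecret)
    {
        return Encoding.UTF8.GetString(MachineKey.Unprotect(protectedSecret, Purpose));
    }

    // Logout button handler: removes the forms-authentication cookie.
    public void SignOut()
    {
        FormsAuthentication.SignOut();
    }
}
```

MachineKey.Protect requires .NET 4.5 or later, and on a web farm every server must share the same machineKey configuration for Unprotect to succeed.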