Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Twitter OAuth with node-oauth for node.js+express
var express = require('express');
var sys = require('sys');
var oauth = require('oauth');
var app = express.createServer();
var _twitterConsumerKey = "YOURTWITTERCONSUMERKEY";
var _twitterConsumerSecret = "YOURTWITTERCONSUMERSECRET";
function consumer() {
return new oauth.OAuth(
"", "",
_twitterConsumerKey, _twitterConsumerSecret, "1.0A", "", "HMAC-SHA1");
app.configure('development', function(){
app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
session: function(req, res){
return req.session;
app.get('/', function(req, res){
res.send('Hello World');
app.get('/sessions/connect', function(req, res){
consumer().getOAuthRequestToken(function(error, oauthToken, oauthTokenSecret, results){
if (error) {
res.send("Error getting OAuth request token : " + sys.inspect(error), 500);
} else {
req.session.oauthRequestToken = oauthToken;
req.session.oauthRequestTokenSecret = oauthTokenSecret;
app.get('/sessions/callback', function(req, res){
consumer().getOAuthAccessToken(req.session.oauthRequestToken, req.session.oauthRequestTokenSecret, req.query.oauth_verifier, function(error, oauthAccessToken, oauthAccessTokenSecret, results) {
if (error) {
res.send("Error getting OAuth access token : " + sys.inspect(error) + "["+oauthAccessToken+"]"+ "["+oauthAccessTokenSecret+"]"+ "["+sys.inspect(results)+"]", 500);
} else {
req.session.oauthAccessToken = oauthAccessToken;
req.session.oauthAccessTokenSecret = oauthAccessTokenSecret;
// Right here is where we would write out some nice user stuff
consumer.get("", req.session.oauthAccessToken, req.session.oauthAccessTokenSecret, function (error, data, response) {
if (error) {
res.send("Error getting twitter screen name : " + sys.inspect(error), 500);
} else {
req.session.twitterScreenName = data["screen_name"];
res.send('You are signed in: ' + req.session.twitterScreenName)
app.listen(parseInt(process.env.PORT || 80));

Hello everyone!
I have all required modules installed and have copypasted this code but it doesn't run..
It says " Object # has no method 'cookieDecoder' "

If I comment the line
other errors appear

change 'cookieParser'


jeffrafter commented Nov 17, 2011


I am new to oauth, and this is exactly what I was looking for!

glebus commented Feb 25, 2012

Object function consumer() {
return new oauth.OAuth(
"", "",
_twitterConsumerKey, _twitterConsumerSecret, "1.0A", "", "HMAC-SHA1");
} has no method 'get'

jgendr2 commented Feb 26, 2012

@glebus, having the same issue..let me know if you figure anymore out.

glebus commented Feb 26, 2012

I think line 56 should look like this
consumer().get("", req.session.oauthAccessToken, req.session.oauthAccessTokenSecret, function (error, data, response)

glebus commented Feb 26, 2012

I do not understand. As a result, displays the message:
You are signed in: undefined

Although if you look at the contents of the data object, there is a property screen_name. I have the feeling that at the time using the data object, it is still empty.

jgendr2 commented Feb 26, 2012

Yea that worked for me, on line 56, consumer should be consumer() Thanks!

glebus commented Feb 28, 2012

String req.session.twitterScreenName = data["screen_name"]; (60) returns error, because data is string, not object. Need data = JSON.parse(data);

Hope this helps!

I'm seeing the following error while trying to require in sessions:

    throw e; // process.nextTick error, or 'error' event on first tick

Error: connect.session({ secret: "string" }) required for security

Not sure if anyone else ran into this. Would appreciate any help. Thanks.

glebus commented Mar 2, 2012

app.use(express.session()); (20)
must be

Thanks. I've created an updated gist with the suggested and have it working for anyone interested --

i have a problem with this.

req.session is undefined and so I don't get accessToken and accessTokenSecret.

and dynamicHelper is no longer present in express 3, and this may be the reason why session is not defined. i am only guessing, does anyone have any ideas why req.session is undefined???

use this in config to replace dynamic helper:

app.use(function(req, res){
res.locals = req.session;

See this post on stackoverflow:

My problem is I can not get req.query.oauth_verifier

Problem solved thanks

super one , Thanks

I have a version of this gist that works with Express 3 and shows both twitter (OAuth) and Google (OAuth2) here:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment