A common thing that people want to implement into their applications is some form of login support through some sort of external provider. The big advantage of this is that when people then want to create their account, they can avoid having to create yet another login to deal with. This can remove a major blocker from people wanting to sign up to your site, so this is always a great thing to do, but it's also something that's a bit complicated! Based on that, let's demystify this feature a little bit and implement a Twitter account creation and login system in our application!

We'll also spend a little bit of time implementing a Google account creation and login system just to demonstrate how easy Ueberauth makes it to add new OAuth strategies to your application without having to reimplement a bunch of things over and over!

Part of the reason for including this is that this is probably one of the most commonly requested features for implementations on a lot of new startups. This is also something that tends to be very difficult to figure out the first time you try and tackle it. If you've never attempted to create an OAuth sign in before, it can be difficult to navigate each of the site's various workflows to get an application up and running, and then taking that information and applying it to your application is even harder!

The way OAuth works is as follows:

1. The user makes a request to log in via their OAuth provider of choice
2. The application makes a request on behalf of the user asking for permission
3. The OAuth provider returns a request token and a secret token
4. The user is redirected with the token and secret back to the OAuth provider to approve the login request
5. The user approves the request and returns the access token and secret token
6. The application then finalizes the login with the provider with the access token and secret token

The hope is that by the end of this chapter, you have a firm grasp on at least two OAuth providers and can apply what you've learned should you also decide to implement something like Facebook or some other provider that supports OAuth2! Let's take a look at our first implementation: Twitter sign in!