In my current project I had a task to use twitter API. Twitter uses OAuth for authentication, which is pretty dreary. To avoid fiddling with it all the time, I've moved authentication to decorator, now it looks like this:
@twitter_api
def tweet_hello(request, api):
api.update_status('hello')# ...Decorator checks if key is available, and, if needed - initiates authentication. User is redirected to twitter, grants permission and is redirected back to site, to the same place where he left off. If key is available - nothing happens, just view is launched as usual.
It's convenient that there's no need for additional twitter settings in user profile.
tweepy is used as an API wrapper.
def twitter_api(view):
def wrapped(request, args, *kwargs):
callback_url = absolute_url(oauth_endpoint)
auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)
if 'twitter_access_token' in request.session:
key, secret = request.session['twitter_access_token']
auth.set_access_token(key, secret)
return view(request, api=tweepy.API(auth), *args, **kwargs)
request.session['twitter_action'] = request.path
redirect_url = auth.get_authorization_url()
request.session['twitter_request_token'] = (auth.request_token.key, auth.request_token.secret)
return redirect(redirect_url)
return wrapped
def oauth_endpoint(request):
callback_url = absolute_url(oauth_endpoint)
auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)
key, secret = request.session.pop('twitter_request_token')
auth.set_request_token(key, secret)
verifier = request.REQUEST.get('oauth_verifier')
auth.get_access_token(verifier)
request.session['twitter_access_token'] = (auth.access_token.key, auth.access_token.secret)
return redirect(request.session.pop('twitter_action'))- of course, you need to wrap everything in try..except blocks and process errors accordingly
absolute_urlshould return full url, with http://- apart from
request.pathyou can also storePOSTandGET. - path can be passed as an argument to
callback_url
Subscribe for the news and updates
Test analysis is an essential and crucial activity in the testing process. A well-organized test analysis provides an adequate level of confidence in the overall effectiveness of the testing and contributes to the delivery of high-quality software.
In this beginners friends article I'll explain how to make authentication with Google account on your Django site and how to make authentication for you REST API.
Protection of WEB App is of paramount importance and it should be afforded the same level of security as the intellectual rights or private property. I'm going to cover how to protect your web app.
This article is aimed for beginners, who are trying to choose between Ruby on Rails and Django. Let’s see which is fastest and why.
For any project there may be a need to use a database full-text search. We expect high speed and relevant results from this search. When we face such problem, we usually think about Solr, ElasticSearch, Sphinx, AWS CloudSearch, etc. But in this article we will talk about PostgreSQL. Starting from version 8.3, a full-text search support in PostgreSQL is available. Let's look at how it is implemented in the DBMS itself.
When we use css-sprites it's important to make browser cache them for longest period possible. On other hand, we need to refresh them when they are updated. This is especially visible when all icons are stored in single sprite. When it's outdated - entire site becomes ugly.