In my current project I had a task to use twitter API. Twitter uses OAuth for authentication, which is pretty dreary. To avoid fiddling with it all the time, I've moved authentication to decorator, now it looks like this:
@twitter_api
def tweet_hello(request, api):
api.update_status('hello')# ...Decorator checks if key is available, and, if needed - initiates authentication. User is redirected to twitter, grants permission and is redirected back to site, to the same place where he left off. If key is available - nothing happens, just view is launched as usual.
It's convenient that there's no need for additional twitter settings in user profile.
tweepy is used as an API wrapper.
def twitter_api(view):
def wrapped(request, args, *kwargs):
callback_url = absolute_url(oauth_endpoint)
auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)
if 'twitter_access_token' in request.session:
key, secret = request.session['twitter_access_token']
auth.set_access_token(key, secret)
return view(request, api=tweepy.API(auth), *args, **kwargs)
request.session['twitter_action'] = request.path
redirect_url = auth.get_authorization_url()
request.session['twitter_request_token'] = (auth.request_token.key, auth.request_token.secret)
return redirect(redirect_url)
return wrapped
def oauth_endpoint(request):
callback_url = absolute_url(oauth_endpoint)
auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)
key, secret = request.session.pop('twitter_request_token')
auth.set_request_token(key, secret)
verifier = request.REQUEST.get('oauth_verifier')
auth.get_access_token(verifier)
request.session['twitter_access_token'] = (auth.access_token.key, auth.access_token.secret)
return redirect(request.session.pop('twitter_action'))- of course, you need to wrap everything in try..except blocks and process errors accordingly
absolute_urlshould return full url, with http://- apart from
request.pathyou can also storePOSTandGET. - path can be passed as an argument to
callback_url
Subscribe for the news and updates
This article offers key insights into the ISTQB certification and shares a proven preparation strategy to help candidates succeed.
In one of our recent projects, we had an interesting case: the whole application was built around an interactive map for a fairly large shopping mall, and the main goal of the system was to plot the closest route to a user-selected destination.
In our article, you will find the best JavaScript framework comparison so that you know for sure how to choose the right one for your project.
We often handling API server updates including backwards-incompatible changes when upgrading web applications. At the same time we update the client part, therefore, we did not experience any particular difficulties.
In order to check if user is authentcated in test, you can run:
Everybody knows about permalink, but it's usually used only in get_absolute_url. I prefer to use it for all related model urls.class Event(models.Model):# ...@models.permalinkdef edit_url(self):return ('event_edit', (self.pk, ))And then in template:<a href="{{ event.edit_url }}">Редактировать событие</a>