In my current project I had a task to use twitter API. Twitter uses OAuth for authentication, which is pretty dreary. To avoid fiddling with it all the time, I've moved authentication to decorator, now it looks like this:
@twitter_api
def tweet_hello(request, api):
api.update_status('hello')# ...Decorator checks if key is available, and, if needed - initiates authentication. User is redirected to twitter, grants permission and is redirected back to site, to the same place where he left off. If key is available - nothing happens, just view is launched as usual.
It's convenient that there's no need for additional twitter settings in user profile.
tweepy is used as an API wrapper.
def twitter_api(view):
def wrapped(request, args, *kwargs):
callback_url = absolute_url(oauth_endpoint)
auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)
if 'twitter_access_token' in request.session:
key, secret = request.session['twitter_access_token']
auth.set_access_token(key, secret)
return view(request, api=tweepy.API(auth), *args, **kwargs)
request.session['twitter_action'] = request.path
redirect_url = auth.get_authorization_url()
request.session['twitter_request_token'] = (auth.request_token.key, auth.request_token.secret)
return redirect(redirect_url)
return wrapped
def oauth_endpoint(request):
callback_url = absolute_url(oauth_endpoint)
auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)
key, secret = request.session.pop('twitter_request_token')
auth.set_request_token(key, secret)
verifier = request.REQUEST.get('oauth_verifier')
auth.get_access_token(verifier)
request.session['twitter_access_token'] = (auth.access_token.key, auth.access_token.secret)
return redirect(request.session.pop('twitter_action'))- of course, you need to wrap everything in try..except blocks and process errors accordingly
absolute_urlshould return full url, with http://- apart from
request.pathyou can also storePOSTandGET. - path can be passed as an argument to
callback_url
Subscribe for the news and updates
This article explores Figma’s Dev Mode, a tool that streamlines design-to-code translation by enabling precise inspection, automated code generation, and seamless integration with design systems.
This article offers key insights into the ISTQB certification and shares a proven preparation strategy to help candidates succeed.
Tired of boring programming courses where you're forced to read thick textbooks and write code that's never used? Need a platform that makes learning fun and exciting? Then you're in the right place!
Protection of WEB App is of paramount importance and it should be afforded the same level of security as the intellectual rights or private property. I'm going to cover how to protect your web app.
There was a task to submit form with ajax, with server side validation of course. Obvious solution is to do validation and return json with erros. I didn't like idea of writing separate view for validation and then inserting errors in form html on client side. Especially since I already had a generic template for django form with errors display. In this article I'll describe how I solved the task.
In my recent project there was a lot of data business logic, so I had to organize this code somehow. In this article I'll describe a few hints on how to it.