Back
May 12, 2010

Twitter API, OAuth and decorators

In my current project I had a task to use twitter API. Twitter uses OAuth for authentication, which is pretty dreary. To avoid fiddling with it all the time, I've moved authentication to decorator, now it looks like this:

@twitter_api
def tweet_hello(request, api):
    api.update_status('hello')
# ...

Decorator checks if key is available, and, if needed - initiates authentication. User is redirected to twitter, grants permission and is redirected back to site, to the same place where he left off. If key is available - nothing happens, just view is launched as usual.

It's convenient that there's no need for additional twitter settings in user profile.

tweepy is used as an API wrapper.

def twitter_api(view):
    def wrapped(request, args, *kwargs):
        callback_url = absolute_url(oauth_endpoint)
        auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)

        if 'twitter_access_token' in request.session:
            key, secret =     request.session['twitter_access_token']
            auth.set_access_token(key, secret)
            return view(request, api=tweepy.API(auth), *args, **kwargs)

        request.session['twitter_action'] = request.path
        redirect_url = auth.get_authorization_url()
        request.session['twitter_request_token'] = (auth.request_token.key, auth.request_token.secret)
        return redirect(redirect_url)

    return wrapped


def oauth_endpoint(request):
    callback_url = absolute_url(oauth_endpoint)
    auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)
    key, secret = request.session.pop('twitter_request_token')
    auth.set_request_token(key, secret)
    verifier = request.REQUEST.get('oauth_verifier')
    auth.get_access_token(verifier)
    request.session['twitter_access_token'] = (auth.access_token.key, auth.access_token.secret)
    return redirect(request.session.pop('twitter_action'))
  • of course, you need to wrap everything in try..except blocks and process errors accordingly
  • absolute_url should return full url, with http://
  • apart from request.path you can also store POST and GET.
  • path can be passed as an argument to callback_url

Subscribe for the news and updates

More thoughts
May 18, 2017Technology
Angular2: Development Tips and Trick

In this article we'll discuss some tricks you can use with Angular to make routing cleaner and improve SEO of your application.

Mar 2, 2017Technology
API versioning with django rest framework?

We often handling API server updates including backwards-incompatible changes when upgrading web applications. At the same time we update the client part, therefore, we did not experience any particular difficulties.

Feb 28, 2017Technology
Passing pieces of markup to components in Angular 2 and problems with dynamic content

In this article we'll research how to pass custom markup to Angular components and how to create different types of dynamic components.

Feb 28, 2017Technology
How to write an API in Django

There is such a term as Remote Procedure Call (RPC). In other words, by using this technology, programs can call functions on remote computers. There are many ways to implement RPC.

Dec 1, 2016Technology
How to Use Django & PostgreSQL for Full Text Search

For any project there may be a need to use a database full-text search. We expect high speed and relevant results from this search. When we face such problem, we usually think about Solr, ElasticSearch, Sphinx, AWS CloudSearch, etc. But in this article we will talk about PostgreSQL. Starting from version 8.3, a full-text search support in PostgreSQL is available. Let's look at how it is implemented in the DBMS itself.

Feb 18, 2010Technology
Business logic in models

In my recent project there was a lot of data business logic, so I had to organize this code somehow. In this article I'll describe a few hints on how to it.