Back
May 12, 2010

Twitter API, OAuth and decorators

In my current project I had a task to use twitter API. Twitter uses OAuth for authentication, which is pretty dreary. To avoid fiddling with it all the time, I've moved authentication to decorator, now it looks like this:

@twitter_api
def tweet_hello(request, api):
    api.update_status('hello')
# ...

Decorator checks if key is available, and, if needed - initiates authentication. User is redirected to twitter, grants permission and is redirected back to site, to the same place where he left off. If key is available - nothing happens, just view is launched as usual.

It's convenient that there's no need for additional twitter settings in user profile.

tweepy is used as an API wrapper.

def twitter_api(view):
    def wrapped(request, args, *kwargs):
        callback_url = absolute_url(oauth_endpoint)
        auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)

        if 'twitter_access_token' in request.session:
            key, secret =     request.session['twitter_access_token']
            auth.set_access_token(key, secret)
            return view(request, api=tweepy.API(auth), *args, **kwargs)

        request.session['twitter_action'] = request.path
        redirect_url = auth.get_authorization_url()
        request.session['twitter_request_token'] = (auth.request_token.key, auth.request_token.secret)
        return redirect(redirect_url)

    return wrapped


def oauth_endpoint(request):
    callback_url = absolute_url(oauth_endpoint)
    auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)
    key, secret = request.session.pop('twitter_request_token')
    auth.set_request_token(key, secret)
    verifier = request.REQUEST.get('oauth_verifier')
    auth.get_access_token(verifier)
    request.session['twitter_access_token'] = (auth.access_token.key, auth.access_token.secret)
    return redirect(request.session.pop('twitter_action'))
  • of course, you need to wrap everything in try..except blocks and process errors accordingly
  • absolute_url should return full url, with http://
  • apart from request.path you can also store POST and GET.
  • path can be passed as an argument to callback_url

Subscribe for the news and updates

More thoughts
Aug 18, 2022Technology
5 Best Practices of RESTful API Design to Keep Your Users Happy

Dive into our guide to RESTful API best practices

Apr 27, 2022TechnologyBusiness
How to Choose the Best Javascript Framework: Comparison of the Top Javascript Frameworks

In our article, you will find the best JavaScript framework comparison so that you know for sure how to choose the right one for your project.

May 26, 2017Technology
Tutorial: Django User Registration and Authentication

In this beginners friends article I'll explain how to make authentication with Google account on your Django site and how to make authentication for you REST API.

Dec 11, 2016Technology
Auto WebSocket Reconnection with RxJS (with Example)

In this RxJS tutorial article, we will focus on restoring the websocket connection when using RxJS library.

Dec 1, 2016Technology
How to Use Django & PostgreSQL for Full Text Search

For any project there may be a need to use a database full-text search. We expect high speed and relevant results from this search. When we face such problem, we usually think about Solr, ElasticSearch, Sphinx, AWS CloudSearch, etc. But in this article we will talk about PostgreSQL. Starting from version 8.3, a full-text search support in PostgreSQL is available. Let's look at how it is implemented in the DBMS itself.

Mar 6, 2010Technology
Ajax form validation

There was a task to submit form with ajax, with server side validation of course. Obvious solution is to do validation and return json with erros. I didn't like idea of writing separate view for validation and then inserting errors in form html on client side. Especially since I already had a generic template for django form with errors display. In this article I'll describe how I solved the task.