In my current project I had a task to use twitter API. Twitter uses OAuth for authentication, which is pretty dreary. To avoid fiddling with it all the time, I've moved authentication to decorator, now it looks like this:
@twitter_api
def tweet_hello(request, api):
api.update_status('hello')# ...Decorator checks if key is available, and, if needed - initiates authentication. User is redirected to twitter, grants permission and is redirected back to site, to the same place where he left off. If key is available - nothing happens, just view is launched as usual.
It's convenient that there's no need for additional twitter settings in user profile.
tweepy is used as an API wrapper.
def twitter_api(view):
def wrapped(request, args, *kwargs):
callback_url = absolute_url(oauth_endpoint)
auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)
if 'twitter_access_token' in request.session:
key, secret = request.session['twitter_access_token']
auth.set_access_token(key, secret)
return view(request, api=tweepy.API(auth), *args, **kwargs)
request.session['twitter_action'] = request.path
redirect_url = auth.get_authorization_url()
request.session['twitter_request_token'] = (auth.request_token.key, auth.request_token.secret)
return redirect(redirect_url)
return wrapped
def oauth_endpoint(request):
callback_url = absolute_url(oauth_endpoint)
auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, callback_url)
key, secret = request.session.pop('twitter_request_token')
auth.set_request_token(key, secret)
verifier = request.REQUEST.get('oauth_verifier')
auth.get_access_token(verifier)
request.session['twitter_access_token'] = (auth.access_token.key, auth.access_token.secret)
return redirect(request.session.pop('twitter_action'))- of course, you need to wrap everything in try..except blocks and process errors accordingly
absolute_urlshould return full url, with http://- apart from
request.pathyou can also storePOSTandGET. - path can be passed as an argument to
callback_url
Subscribe for the news and updates
Django ORM is a very abstract and flexible API. But if you do not know exactly how it works, you will likely end up with slow and heavy views, if you have not already. So, this article provides practical solutions to N+1 and high loading time issues. For clarity, I will create a simple view that demonstrates common ORM query problems and shows frequently used practices.
Programmatic generation of PDF files is a frequent task when developing applications that can export reports, bills, or questionnaires. In this article, we will consider three common tools for creating PDFs, including their installation and converting principles.
Protection of WEB App is of paramount importance and it should be afforded the same level of security as the intellectual rights or private property. I'm going to cover how to protect your web app.
In this article, we will describe some useful scripts and directives we use with angular form validation in our projects.
It appears that not everyone knows that in python you can create classes dynamically without metaclasses. I'll show an example of how to do it.So we've learned how to use custom QuerySet to chain requests:Article.objects.old().public()Now we need to make it work for related objects:user.articles.old().public()This is done using use_for_related_fields, but it needs a little trick.
There was a task to submit form with ajax, with server side validation of course. Obvious solution is to do validation and return json with erros. I didn't like idea of writing separate view for validation and then inserting errors in form html on client side. Especially since I already had a generic template for django form with errors display. In this article I'll describe how I solved the task.