def twitter_authenticated(request):
oauth_token = request.session.get('oauth_token',None)
oauth_token_secret = request.session.get('oauth_token_secret', None)
if oauth_token == None and oauth_token_secret == None:
return HttpResponseRedirect('/')
# Step 1. Use the request token in the session to build a new client.
token = oauth.Token(oauth_token, oauth_token_secret)
client = oauth.Client(consumer, token)
# Step 2. Request the authorized access token from Twitter.
resp, content = client.request(access_token_url, "GET")
if resp['status'] != '200':
return HttpResponseRedirect('/')
access_token = dict(cgi.parse_qsl(content))
# Step 3. Lookup the user or create them if they don't exist.
try:
#user = User.objects.get(username=access_token['screen_name'])
user = User.objects.get(username=access_token['user_id'])
except User.DoesNotExist:
# When creating the user I just use their [email protected]
# for their email and the oauth_token_secret for their password.
# These two things will likely never be used. Alternatively, you
# can prompt them for their email here. Either way, the password
# should never be used.
user = User.objects.create_user(access_token['user_id'], '*****@*****.**' % access_token['screen_name'],
access_token['oauth_token_secret'])
# Save our permanent token and secret for later.
profile = Profile()
profile.user = user
profile.twitter_username = access_token['screen_name']
profile.oauth_token = access_token['oauth_token']
profile.oauth_secret = access_token['oauth_token_secret']
profile.save()
# Authenticate the user and log them in using Django's pre-built
# functions for these things.
if not user.check_password(access_token['oauth_token_secret']):
user.set_password(access_token['oauth_token_secret'])
user.save()
profile = Profile.objects.get(user = user)
profile.oauth_token = access_token['oauth_token']
profile.oauth_secret = access_token['oauth_token_secret']
profile.save()
user = authenticate(username=access_token['user_id'], password=access_token['oauth_token_secret'])
login(request, user)
return HttpResponseRedirect('/')
def create_profile(user, oauth_token, secret_token):
profile = Profile()
profile.user = user
profile.oauth_token = oauth_token
profile.oauth_secret = secret_token
profile.save()
return
def authorized(request):
"""Callback for the oauth2 authorize call
Args:
request: django request object
Returns: Redirect to home page on success
"""
context = RequestContext(request)
if (request.method == 'GET'):
#retrieve code from url
code = request.GET.get('code', '')
#build the url needed for the second step of the oauth2 flow. With this we should get the access token
url = settings.SAMI_ACCOUNT_ACCESS_TOKEN
param = {'code':code, #(required) code we just retrieved
'redirect_uri':settings.SAMI_RETURN_URI, #(optional) a redirect url in case something goes wrong
'client_id': settings.CLIENT_ID, #(required) app client id
'client_secret': settings.CLIENT_SECRET, #(required) app client secret
'grant_type': "authorization_code" #(required) type of access to be granted
}
#do a post request for the second step of the oauth2 flow
result = requests.post(url, data = param)
if (result.status_code != 200):
print("Error: Could not get access token from oauth server")
data = ast.literal_eval(result.text)
token = (data["access_token"])
#get current user
samiUser = getSelf(token=token)
contextDict = {'active':"home"}
response = HttpResponseRedirect('/', contextDict, context)
#We will use django built in login funcionality to log in and log out users to the demo site. We shall associate
#a profile model containing the access_token for the user so we can retrieve each time the user does a request
try:
#we use the sami user id as user name so it is unique
user = User.objects.get(username=samiUser.id)
except User.DoesNotExist:
#if no user found we create one
user = User.objects.create_user(username=samiUser.id, password=samiUser.id)
#we create a profile, stash the access token and link it to the user
profile = Profile()
profile.user = user
profile.oauth_token = token
profile.save()
#django login
user = authenticate(username=samiUser.id, password=samiUser.id)
django_login(request, user)
return response
