def twitter_return(request): request_token = request.session.get('request_token', None) # If there is no request_token for session, # means we didn't redirect user to twitter if not request_token: # Redirect the user to the login page, # So the user can click on the sign-in with twitter button return HttpResponse("We didn't redirect you to twitter...") token = OAuthToken.from_string(request_token) # If the token from session and token from twitter does not match # means something bad happened to tokens if token.key != request.GET.get('oauth_token', 'no-token'): del request.session['request_token'] # Redirect the user to the login page return HttpResponse("Something wrong! Tokens do not match...") twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET, token) access_token = twitter.getAccessToken() request.session['access_token'] = access_token.to_string() auth_user = authenticate(access_token=access_token) # if user is authenticated then login user if auth_user: login(request, auth_user) else: # We were not able to authenticate user # Redirect to login page del request.session['access_token'] del request.session['request_token'] return HttpResponse("Unable to authenticate you!") #Add the user to EzSteroids if it is enabled add_user_to_EzSteroids("http://" + request.get_host(), auth_user) # authentication was successful, use is now logged in #redirect to a proper page try: next = request.GET.__getitem__('next') except: next = getattr(settings, "LOGIN_REDIRECT_URL", "/") return HttpResponseRedirect(next)
def twitter_return(request): request_token = request.session.get('request_token', None) # If there is no request_token for session, # means we didn't redirect user to twitter if not request_token: # Redirect the user to the login page, # So the user can click on the sign-in with twitter button return HttpResponse("We didn't redirect you to twitter...") token = OAuthToken.from_string(request_token) # If the token from session and token from twitter does not match # means something bad happened to tokens if token.key != request.GET.get('oauth_token', 'no-token'): del request.session['request_token'] # Redirect the user to the login page return HttpResponse("Something wrong! Tokens do not match...") twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET, token) access_token = twitter.getAccessToken() request.session['access_token'] = access_token.to_string() auth_user = authenticate(access_token=access_token) # if user is authenticated then login user if auth_user: login(request, auth_user) else: # We were not able to authenticate user # Redirect to login page del request.session['access_token'] del request.session['request_token'] return HttpResponse("Unable to authenticate you!") #Add the user to EzSteroids if it is enabled add_user_to_EzSteroids("http://"+request.get_host(), auth_user) # authentication was successful, use is now logged in #redirect to a proper page try: next = request.GET.__getitem__('next') except: next = getattr(settings, "LOGIN_REDIRECT_URL", "/") return HttpResponseRedirect(next)
def authenticate(self, access_token): '''authenticates the token by requesting user information from twitter ''' twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET, access_token) try: userinfo = twitter.GetUserInfo() except: # If we cannot get the user information, user cannot be authenticated return None screen_name = userinfo.screen_name try: userprofile = TwitterUserProfile.objects.get( screen_name=screen_name) user = userprofile.user except Exception: user = User(username=screen_name + unicode(int(time.time()))) # create and set a random password so user cannot login using django built-in authentication user.set_unusable_password() user.first_name = userinfo.name user.save() # Get the user profile userprofile = TwitterUserProfile() userprofile.user = user userprofile.access_token = access_token.to_string() userprofile.screen_name = screen_name userprofile.url = userinfo.url userprofile.location = userinfo.location userprofile.description = userinfo.description userprofile.profile_image_url = userinfo.profile_image_url userprofile.save() return user
def twitter_signin(request): twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET) request_token = twitter.getRequestToken() request.session['request_token'] = request_token.to_string() signin_url = twitter.getSigninURL(request_token) return HttpResponseRedirect(signin_url)