def twitter_authenticated(request): # Step 1. Use the request token in the session to build a new client. token = oauth.Token( request.session['request_token']['oauth_token'], request.session['request_token']['oauth_token_secret'] ) token.set_verifier(request.GET['oauth_verifier']) client = oauth.Client(consumer, token) # Step 2. Request the authorized access token from Twitter. resp, content = client.request(access_token_url, "GET") if resp['status'] != '200': print(content) raise Exception("Invalid response from Twitter.") """ This is what you'll get back from Twitter. Note that it includes the user's user_id and screen_name. { 'oauth_token_secret': 'IcJXPiJh8be3BjDWW50uCY31chyhsMHEhqJVsphC3M', 'user_id': '120889797', 'oauth_token': '120889797-H5zNnM3qE0iFoTTpNEHIz3noL9FKzXiOxwtnyVOD', 'screen_name': 'heyismysiteup' } """ access_token = convert(dict(parse.parse_qsl(content))) # Step 3. Lookup the user or create them if they don't exist. try: user = User.objects.get(username=access_token['screen_name']) except User.DoesNotExist: # When creating the user I just use their [email protected] # for their email and the oauth_token_secret for their password. # These two things will likely never be used. Alternatively, you # can prompt them for their email here. Either way, the password # should never be used. user = User.objects.create_user( access_token['screen_name'], '*****@*****.**' % access_token['screen_name'], access_token['oauth_token_secret'] ) # Save our permanent token and secret for later. profile = Profile() profile.user = user profile.oauth_token = access_token['oauth_token'] profile.oauth_secret = access_token['oauth_token_secret'] profile.created_now = True profile.save() # Authenticate the user and log them in using Django's pre-built # functions for these things. user = authenticate( username=access_token['screen_name'], password=access_token['oauth_token_secret'] ) login(request, user) return HttpResponseRedirect(home_url)