def twitter_authenticated(request): oauth_token = request.session.get('oauth_token',None) oauth_token_secret = request.session.get('oauth_token_secret', None) if oauth_token == None and oauth_token_secret == None: return HttpResponseRedirect('/') # Step 1. Use the request token in the session to build a new client. token = oauth.Token(oauth_token, oauth_token_secret) client = oauth.Client(consumer, token) # Step 2. Request the authorized access token from Twitter. resp, content = client.request(access_token_url, "GET") if resp['status'] != '200': return HttpResponseRedirect('/') access_token = dict(cgi.parse_qsl(content)) # Step 3. Lookup the user or create them if they don't exist. try: #user = User.objects.get(username=access_token['screen_name']) user = User.objects.get(username=access_token['user_id']) except User.DoesNotExist: # When creating the user I just use their [email protected] # for their email and the oauth_token_secret for their password. # These two things will likely never be used. Alternatively, you # can prompt them for their email here. Either way, the password # should never be used. user = User.objects.create_user(access_token['user_id'], '*****@*****.**' % access_token['screen_name'], access_token['oauth_token_secret']) # Save our permanent token and secret for later. profile = Profile() profile.user = user profile.twitter_username = access_token['screen_name'] profile.oauth_token = access_token['oauth_token'] profile.oauth_secret = access_token['oauth_token_secret'] profile.save() # Authenticate the user and log them in using Django's pre-built # functions for these things. if not user.check_password(access_token['oauth_token_secret']): user.set_password(access_token['oauth_token_secret']) user.save() profile = Profile.objects.get(user = user) profile.oauth_token = access_token['oauth_token'] profile.oauth_secret = access_token['oauth_token_secret'] profile.save() user = authenticate(username=access_token['user_id'], password=access_token['oauth_token_secret']) login(request, user) return HttpResponseRedirect('/')
def create_profile(user, oauth_token, secret_token): profile = Profile() profile.user = user profile.oauth_token = oauth_token profile.oauth_secret = secret_token profile.save() return
def authorized(request): """Callback for the oauth2 authorize call Args: request: django request object Returns: Redirect to home page on success """ context = RequestContext(request) if (request.method == 'GET'): #retrieve code from url code = request.GET.get('code', '') #build the url needed for the second step of the oauth2 flow. With this we should get the access token url = settings.SAMI_ACCOUNT_ACCESS_TOKEN param = {'code':code, #(required) code we just retrieved 'redirect_uri':settings.SAMI_RETURN_URI, #(optional) a redirect url in case something goes wrong 'client_id': settings.CLIENT_ID, #(required) app client id 'client_secret': settings.CLIENT_SECRET, #(required) app client secret 'grant_type': "authorization_code" #(required) type of access to be granted } #do a post request for the second step of the oauth2 flow result = requests.post(url, data = param) if (result.status_code != 200): print("Error: Could not get access token from oauth server") data = ast.literal_eval(result.text) token = (data["access_token"]) #get current user samiUser = getSelf(token=token) contextDict = {'active':"home"} response = HttpResponseRedirect('/', contextDict, context) #We will use django built in login funcionality to log in and log out users to the demo site. We shall associate #a profile model containing the access_token for the user so we can retrieve each time the user does a request try: #we use the sami user id as user name so it is unique user = User.objects.get(username=samiUser.id) except User.DoesNotExist: #if no user found we create one user = User.objects.create_user(username=samiUser.id, password=samiUser.id) #we create a profile, stash the access token and link it to the user profile = Profile() profile.user = user profile.oauth_token = token profile.save() #django login user = authenticate(username=samiUser.id, password=samiUser.id) django_login(request, user) return response