Step by Step Guide to use Sign in with Twitter with Django

If you will have a look at OAuth examples on twitter apiwiki there are already examples available to use Sign in with Twitter with Django, so why this new howto and example code. Because being a perfectionist I like things to be the standard way, so for authentication django allows you to specify your own customized authentication backends. I thought why should not that be utilized to authenticate the Django User object with twitter.

There are few pre-requisites listed below in the order they are needed:

• simplejson
• oauth
• python-twitter
• oauth-python-twitter
• TwitterBackend from djangosnippets.org

This guide assumes that simplejson, oauth, python-twitter and oauth-python-twitter are already on your python path.

1. Now create a new Django project: twitterapp

django-admin startproject

2. Change to the project directory.

3. Now start a new app inside the project

python manage.py startapp twitterauth

4. Create a new directory: backends

mkdir backends

5. Change to the backends directory and create 2 new empty files.

cd backends
touch __init__.py
touch twitteroauth.py

6. Copy the code from TwitterBackend into the empty file: twitteroauth.py

7. Now configure your settings.py and add/edit following configuration variables

CONSUMER_KEY = "Your consumer key from twitter"

CONSUMER_SECRET = "You consumer secret from twitter"

AUTHENTICATION_BACKENDS = (
    'backends.twitteroauth.TwitterBackend',
    'django.contrib.auth.backends.ModelBackend',
)

AUTH_PROFILE_MODULE = "twitterauth.UserProfile"

8. Now goto the twitterauth app directory and create a UserProfile module and post save signal processor as follows:

from django.db import models
from django.db.models.signals import post_save
from django.contrib.auth.models import User
class UserProfile(models.Model):
	user = models.ForeignKey(User)
	access_token = models.CharField(max_length=255, blank=True, null=True, editable=False)
	profile_image_url = models.URLField(blank=True, null=True)
	location = models.CharField(max_length=100, blank=True, null=True)
	url = models.URLField(blank=True, null=True)
	description = models.CharField(max_length=160, blank=True, null=True)

	def __str__(self):
		return "%s's profile" % self.user

def create_user_profile(sender, instance, created, **kwargs):
	if created:
		profile, created = UserProfile.objects.get_or_create(user=instance)

post_save.connect(create_user_profile, sender=User)

9. Now modify your views.py in twitterauth app directory as following:

from django.conf import settings
from django.http import HttpResponseRedirect, HttpResponse
from django.contrib.auth import login, authenticate

from oauthtwitter import OAuthApi
import oauth

CONSUMER_KEY = getattr(settings, 'CONSUMER_KEY', 'YOUR_KEY')
CONSUMER_SECRET = getattr(settings, 'CONSUMER_SECRET', 'YOUR_SECRET')

def twitter_signin(request):
	twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET)
	request_token = twitter.getRequestToken()
	request.session['request_token'] = request_token.to_string()
	signin_url = twitter.getSigninURL(request_token)
	return HttpResponseRedirect(signin_url)

def twitter_return(request):
	request_token = request.session.get('request_token', None)

	# If there is no request_token for session,
	#    means we didn't redirect user to twitter
	if not request_token:
		# Redirect the user to the login page,
		# So the user can click on the sign-in with twitter button
		return HttpResponse("We didn't redirect you to twitter...")

	token = oauth.OAuthToken.from_string(request_token)

	# If the token from session and token from twitter does not match
	#   means something bad happened to tokens
	if token.key != request.GET.get('oauth_token', 'no-token'):
		del request.session['request_token']
		# Redirect the user to the login page
		return HttpResponse("Something wrong! Tokens do not match...")

	twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET, token)
	access_token = twitter.getAccessToken()

	request.session['access_token'] = access_token.to_string()
	auth_user = authenticate(access_token=access_token)

	# if user is authenticated then login user
	if auth_user:
		login(request, auth_user)
	else:
		# We were not able to authenticate user
		# Redirect to login page
		del request.session['access_token']
		del request.session['request_token']
		return HttpResponse("Unable to authenticate you!")

	# authentication was successful, use is now logged in
	return HttpResponse("You are logged in")

10. Add the following 2 lines to urls.py at correct location.

    url('^login/$', twitter_signin, name='login'),
    url('^return/$', twitter_return, name='return'),

11. Now start the django devevelopment server

python manage.py runserver


12. Goto http://localhost:8000/login and you will be redirected to user for authentication, and if everything wents well you will see the message that your are logged in.

If you like this post:
:: :: :: :: :: :: :: :: :: :: ::

How to use oauth-python-twitter

Using OAuth for authentication is quite different then using Basic Auth in many ways, first major difference is that one don’t know the username until it is requested from twitter after completing the authentication process.

Details

You will need following information to start.

• Consumer Key
• Consumer Secret

If you do not have above, you can request them from here: http://twitter.com/oauth_clients

The following are the steps that should be performed to authenticate user and get user information from twitter, the rest is same as using python-twitter.

• Get the Request Token from twitter
• Get Authorization URL
• Get the Access Token from twitter
• Get user information

Get the Request Token from twitter


twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET)

request_token = twitter.getRequestToken()


Get Authorization URL

using same request_token from previous step

authorization_url = twitter.getAuthorizationURL(request_token)

Now send the user to authorization URL, for allowing access to the application.

Get the Access Token from twitter

Once the user return from twitter, we need to request the access_token from twitter for futher aunthenticated api calls on behalf of user.

NOTE: Need to create the new instance of OAuthApi using request_token from first step.

twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET, request_token)

access_token = twitter.getAccessToken()

Get user information

This api call was not present in python-twitter and the user info call expected that there we know the username before making call, but this is not the case with OAuth, so we have to request User Information so we can use it in our application.

NOTE: Need to create the new instance of OAuthApi using access_token from last step.

twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET, access_token)

user = twitter.GetUserInfo()

Now use the rest of python-twitter api calls as you used to use them with basic authentication, for more information see the wiki at:http://code.google.com/p/python-twitter

If you like this post, share it with others:
:: :: :: :: :: :: :: :: :: :: ::

OAuthApi, an OAuth Extension to python-twitter

If you are a python developer and you tried to develop some application for twitter, you must have came acrossed python-twitter. Which provides you a pythonic interface to twitter, by allowing you to access almost all twitter objects as python objects. python-twitter is still in devleopment, and hence still does not have the OAuth compatibility. I am being a oauth pro, deicided to write a derived class from python-twitter, to allow OAuth to be used as the authentication mechnism for python-twitter.

python-twitter is being developed by our beloved google’s employee: DeWitt Clinton

You can get the python-twitter at: python-twitter

You can get the oauth extension to python-twitter at: oauth-python-twitter

In the next following posts I will posting about how I am using it with Django specifically and how I have writter my TwitterAuthBackend for Django. The whole purpose of publishing the code is to get improvements and reviews on the code, so I have allowed non-members to review the above project on code.google.com, you are more then welcome to post your coments here or review the code on the project. Let me know if you don’t understand anything by asking questions in comments.

P.S I have used the same license as was used for python-twitter.

Happy twittering and developing

Google App Engine: Do not let your engine stop

As you all might have noticed that I was not posting for a while now, actually had been taken overy by few projects. But today I thought to post about the updates from Google App Engine. Google App Engine have released the Cookbook where you can submit your recipies or can benefit from other people’s snippets of code.

One more thing that Google App Engine team has done which is really useful, they have included the documentation with SDK, so if you are offline you will still have access to SDK. This will not let your engine stops even if you are not connected to internet.

Google App Engine is getting popularity.

If you haven’t been following Google App Engine Blog, according to latest post the Google App Engine is getting popularity and many programmers are learning python just to play with App Engine. According to Marzia Niccolai on Google App Engine Blog:

I’ve returned from the App Engine hack-a-thon in Chicago a Superfan of the App Engine community. We had lots of fun meeting App Engine developers, but why let me tell you about it? A couple of attendees wrote great summaries of the day: A Ruby on Rails developer giving Python a whirl, and a developer who worked on testing with App Engine. We saw people working on iPhone apps, OpenSocial and App Engine, and even a chat application!

So, if you want to host your application on reliable Google platform then you gotta learn Python to make your next app in Google App Engine. Google App Engine is going to be the next big thing if they started supporting rest of the languages like PHP, Ruby and Perl which they have already promised. So stay tuned.

Rails 2.1 introdcution with scaffolding

Okay, after settig up rails 2.1 we are now ready to start our rails journey. So lets begin with a simple blog application. If you are thinking why are we not following the tradition of “Hello World” project here,  the answer is simple, because you can find it all over the internet. For the sake of simplicity of this beginner introduction we assume we just want to create posts and add comments to our blog. No categories and no other bells and whistles, because the main point is to learn rails 2.1 neither to learn how to create a blog. Read the rest of this entry »

How to install Rails 2.1 on Ubuntu in 5 steps

I thought it would be a good idea to start with actually installation of rails 2.1, as many latest linux distributions don’t come with the latest version of rails which includes Ubuntu 8.04. So in this how to we will cover installation of rails 2.1 on Ubuntu 8.04. Read the rest of this entry »

Rails 2.1 tutorial series is coming

As I mentioned earlier I will start writing some rails tutorials in my Post “Why Django is more attractive then Rails?“. So now I have created this separate rails tutorial section which will serve as a TOC for all my rails tutorial posts. I have decided to start with a simple todo app. One thing to note here is we will be using rails 2.1 (which is the latest version of rails), so I might also write how you can install rails 2.1 on your machine. Sorry for the confusion that I wrote in my earlier article that we will be using rails 2.0. But any how its rails 2.x which is very very different then rails 1.x, so I hope my effort will not be wasted and it will be of some benefit for some newbies converting to rails out there.

One more thing I am not a rails advocate or something, I am just a developer who wants to help newbies. The reason I am writing these rails tutorials is because there is a lot of information for django and other frame works but I think rails lack a simple introduction which can help a newbie understand rails better.

So, I am not sure right now how much articles I will be writing to complete the tutorial but we will go in steps, which means I am not going to write a long article at once.  So stay tuned please I am almost finished with my first post and it will be here soon.

Why Django is more attractive then Rails?

One of my friends was introduced to rails when the version 2.0 was already out. He tried to learn rails for months on his own but couldn’t succeed. Recently he contacted me and asked if I have books, materials or may be links to some good books/tutorials for learning rails 2.0. And to my surprise there is not enough material available for a newbie to learn rails 2.0 which is totally different then the older 1.x version.

The whole internet and even the rails site points to old materials and this is quite confusing for newbies. My that friend has already been turned to Django for professional development but he still wants to learn Ruby on Rails. The books like “Agile Web Development With Rails” is still to come out for Rails 2.0.

So, now to give something back to the community I have decided to write a through more then a “Hello Wolrd” tutorial for rails 2.0 so newbies don’t waste their precious time just looking for the information which is almost now obsolete. I said obsolete because Rails 2.0 has been changed alot, although the old programmers don’t notice it much because of their prior experience of the language. But for new comers its confusing when scaffolds don’t work for them or they get confused when they see the config/routes.rb which has new majic of map.resource covering everything.

So, hopefully I will be able to solve all these mysteries here. Also if you have written something for Rails 2.0 you can post the link in comments and later I will create a separate post that will points to all the external collections.

Rapid Development with Python, Django, and Google App Engine

Google I/O the developer event that happened in SanFransisco, many were able to join it but there are thousands of people who were not able to join it Google has not forgotten them. The videos of almost all the talks has been posted but the best one is “Rapid Development wiht Python, Django and Google App Engine“.

Its a must watch video so I decided to share it here. I hope you will benefit from it. You can get the presentation slides from here.

If you like the above video then there are few other good videos too related to Google App Engine, so if you ware interested in learning Google App Engine and not only that but there are videos for other Google technologies which include Gears, Gadgets, OpenSocial and gData. Have look at Google I/O session videos posted with slides