4

Maybe my question is very stupid.

But I couldn't find the answer neither in the official documentation of rest-auth nor there in questions.

I want to use authentication through Twitter.

I created the app in Twitter, put all the data into the model Social application According to the documentation I made view:

from allauth.socialaccount.providers.twitter.views import TwitterOAuthAdapter
from rest_auth.views import LoginView
from rest_auth.social_serializers import TwitterLoginSerializer
from rest_framework.permissions import AllowAny


class TwitterLogin(LoginView):
    serializer_class = TwitterLoginSerializer
    adapter_class = TwitterOAuthAdapter
    permission_classes = (AllowAny,)

Added url:

from django.urls import path

from .views import TwitterLogin


urlpatterns = [
    path('rest-auth/twitter/', TwitterLogin.as_view(), name='twitter_login')
]

Then went to the link: /rest-auth/twitter/ And got the request:

{
    "access_token": "",
    "token_secret": ""
}

I.e. these data must be transfer from front-end to the API endpoint.

The question is: how front-end will take acces_token and token_secret?

I don't understend this moment of authentication.

If somewhere there is a detailed description of this issue, or on this resource is already someone gave the answer to this question - I will be grateful for the link.

savao
  • 103
  • 7
  • Please use serverside for twitter authentication and log the user once when you get the access_token for that user. – Raja Simon Jan 18 '18 at 10:35
  • What serverside I can use for twitter authentication? – savao Jan 18 '18 at 14:09
  • Django is the server side. Please explain more about where you call the rest api. ? – Raja Simon Jan 18 '18 at 14:19
  • I call rest api in browser, to test work of this api. May be I forgot to do something? But I don't finde any information about this in docs – savao Jan 18 '18 at 14:39
  • @savao i am facing the same issue that you gone through . i couldnt see any url in django rest-auth to get the request token . so i created an api get the request token. and i pass that to the frontend and from the frontend i got the oauth_verifier after that i called the api provided by the django rest-auth but it doesnt seems working. if you dont mind could you please explain how did you fix this issue – Thameem May 30 '19 at 07:08
  • @Thameem Hello. We used in the project django-allauth, maybe you need it too? At least I had enough of the instructions that are written in the answer below. If you still will have some troubles, write me an e-mail and I will send you pieces of the code of the project, which are associated with Twitter. – savao May 30 '19 at 19:11
  • @savao can i have your email – Thameem Jun 02 '19 at 11:07
  • @Thameem sjavao@gmail.com – savao Jun 02 '19 at 15:43

1 Answers1

3

In your Twitter application you need to make sure the "Allow this application to be used to Sign in with Twitter?" option is enabled.

Then you can follow these instructions in order to obtain the token and token secret https://dev.twitter.com/web/sign-in/implementing.

Relevant section in allauth docs: https://django-allauth.readthedocs.io/en/latest/providers.html#id2

Maxim Kukhtenkov
  • 734
  • 1
  • 7
  • 20
  • Ok, thanks. I see this instruction, but I don't understend, how I can do this steps using django-rest-auth. For example. "Step 1: Obtaining a request token To start a sign in flow, your application must obtain a request token by sending a signed message to POST oauth / request_token." As I understend, I must send the POST request to api.twitter.com/oauth/request_token In request I must put data, which I get when I create my Twitter app. But I don't understend, how I can do this request by django-rest-auth. I can send this request manually. But I think, django-rest-auth must do this. – savao Jan 18 '18 at 17:18
  • 1
    Initial steps are being performed on the frontend. You would need a Twitter login button on your website, that would verify your sign-in status and prompt you to login using Twitter. Afterwards it returns you the information you'd use to perform social sign-in using django-rest-auth. Some providers (like Facebook) provide all the required widgets, but it looks like in case of Twitter you need to implement it manually. Here are the steps for browser sign in: https://dev.twitter.com/web/sign-in/desktop-browser – Maxim Kukhtenkov Jan 18 '18 at 18:12