我想允许注册用户添加多个Twitter帐户。我遵循了twython-django的示例,并获得了一个用户的工作版本-一个Twitter帐户。如果用户尝试再次使用Twitter登录,请再次遵循相同的视图,则会收到此错误:Invalid / expired Token。
我尝试将force_login = true添加到oauth/authorize和oauth/authenticate,从'request_token'字典中删除request.session,但是在Invalid Token期间仍然出现get_authentication_tokens()错误。
如何使用twython将多个Twitter帐户与同一用户正确关联?我在这里想念什么?
这是twython-django的示例:https://github.com/ryanmcgrath/twython-django/blob/master/twython_django_oauth/views.py
我的看法:
def twitter_login(request):
redirect_back_to_url = request.build_absolute_uri()
if 'request_token' not in request.session:
# request authorization tokens
t = Twython(twitter_token=settings.TWITTER_CONSUMER_KEY,
twitter_secret=settings.TWITTER_CONSUMER_SECRET,
callback_url=redirect_back_to_url)
# Request an authorization url to send the user to...
request_oauth_key = t.get_authentication_tokens()
# signing current session as one with twitter authentication
request.session['request_token'] = request_oauth_key
# redirecting the user to twitter authorization url for authentication
return HttpResponseRedirect(request_oauth_key['auth_url'])
else:
# user authenticated, receiving auth token
t2 = Twython(twitter_token=settings.TWITTER_CONSUMER_KEY,
twitter_secret=settings.TWITTER_CONSUMER_SECRET,
oauth_token=request.session['request_token'][
'oauth_token'],
oauth_token_secret=request.session['request_token'][
'oauth_token_secret'])
oauth_key = t2.get_authorized_tokens()
# save authorized tokens
# twitter oauth tokens dont expire
token = Token.objects.get_or_create(account_name=oauth_key['screen_name'],
token=oauth_key['oauth_token'],
secret=oauth_key['oauth_token_secret'])
user = request.user.get_profile()
user.twitter.add(token[0].id)
user.save()
logger.info('Successfully acquired twitter oauth token.')
return HttpResponseRedirect(reverse('profile'))
更新:可能的解决方案
我改变了看法:
def twitter_login(request):
redirect_back_to_url = request.build_absolute_uri()
if 'request_token' not in request.session:
# request authorization tokens
t = Twython(twitter_token=settings.TWITTER_CONSUMER_KEY,
twitter_secret=settings.TWITTER_CONSUMER_SECRET,
callback_url=redirect_back_to_url)
# Request an authorization url to send the user to...
request_oauth_key = t.get_authentication_tokens()
# signing current session as one with twitter authentication
request.session['request_token'] = request_oauth_key
# redirecting the user to twitter authorization url for authentication
return HttpResponseRedirect(request_oauth_key['auth_url'])
else:
# user authenticated, receiving auth token
t2 = Twython(twitter_token=settings.TWITTER_CONSUMER_KEY,
twitter_secret=settings.TWITTER_CONSUMER_SECRET,
oauth_token=request.session['request_token'][
'oauth_token'],
oauth_token_secret=request.session['request_token'][
'oauth_token_secret'])
oauth_key = t2.get_authorized_tokens()
if 'screen_name' not in oauth_key:
del request.session['request_token']
request.session.modified = True
return HttpResponseRedirect(reverse('twitter_login'))
# save authorized tokens
# twitter oauth tokens dont expire
token = Token.objects.get_or_create(account_name=oauth_key['screen_name'],
token=oauth_key['oauth_token'],
secret=oauth_key['oauth_token_secret'])
user = request.user.get_profile()
user.twitter.add(token[0].id)
user.save()
logger.info('Successfully acquired twitter oauth token.')
return HttpResponseRedirect(reverse('profile'))
还不确定这是否与它有关。我在twython.py
request_args['force_login'] = True的第272行之后添加了内容。但是,正如我所说,我不确定是否会产生任何影响,根据https://dev.twitter.com/docs/api/1/post/oauth/request_token强制登录的cos并不是可选的args之一。这是一些伏都教。大声笑。
告诉我这是否完全是垃圾。
最佳答案
嗯,我相信OP可以正常工作,但是作为一个快速的细分,twython-django并不是为支持多个帐户关联而构建的(它也不在Django 1.5上,所以要小心,直到它被更新为止)。
您需要执行OP的操作,并为与用户匹配的Token设置一个单独的表,然后通过提取适当的令牌来处理他们当前正在使用的帐户。 OP对force_login的使用似乎也奏效了,因为虽然不一定要对其进行记录,但我认为它仍然可以工作(根据this thread的规定,除非我误读了它-如果是的话,我希望得到纠正)。
我不希望这个答案会被接受,因为我并没有真正解决任何问题,但是如果其他任何人遇到这个问题,我希望留下的内容比上面的注释更明确。希望没事!