What is Tweepy?
Tweepy is a library written in Pure Python (yeah Pure Python), by JoshTheCoder. There are many libraries in Python for twitter, however my choice for tweepy is because of following reasons
- Hyper Active Development
- Up to date with twitter APIs
- Python 3 supported
- OAuth and Cache system
- Really simple to understand (my favourite)
How does Tweepy Work?
Tweepy uses basic as well as OAuth for authentication with twitter, and has well defined classes for almost everything that you might need.
What is OAuth?
OAuth is an open protocol, initiated by Blaine Cook and Chris Messina, to allow secure API authorization in a standard method for desktop, mobile and web applications.
For consumer developers, OAuth is a method to publish and interact with protected data. For service provider developers, OAuth gives users access to their data while protecting their account credentials. In other words, OAuth allows a user to grant access to their information on one site (the Service Provider), to another site (called Consumer), without sharing all of their identity.
More details on OAuth can be found at http://oauth.net
Getting started with Tweepy on GAE
Before reading this section make sure you have access to the code sample at http://code.google.com/p/codecontrol-samples/. That will be helpful.
The basic authentication process follows the following steps
- Create an OAuthHandler object using the Consumer Key and Consumer Secret. This is something that is provided by twitter when you start with an application on twitter. For more details on Consumer Key and Consumer Secret, visit http://twitter.com/oauth_clients
- Next, we have to generate something called as Authorization URL. The authorization URL is a URL which looks like http://twitter.com/oauth/authorize?oauth_token=slyFKiyIiQ1RRHnhIg8AilcYIlgoL37u1goWZILss. Don't worry about the oauth_token and how to generate this URL. This is something that Tweepy does for you. All you need to do is to call the get_authorization_url method of the OAuthHandler object that we created in step 1.
- Alongwith Authorization URL are generated request tokens. These are the keys which are used while asking access from twitter. Make sure we store them in datastore as we will be needing them later.
- Your users need to be redirected to the authorization URL page created in Step 2. This is where Twitter will ask permission from it's user to share their details with our application. If they allow the action. Twitter redirects them to the CALLBACK_URL. This callback_url is a URL on your domain, where users will land after a success. This URL will contain some parameters like oauth_token and oauth_verifier.
- Next, we need to lookup for the request token that we saved earlier. Using this request token alongwith consumer key and consumer secret, we create something called as ACCESS_TOKEN. This is the actual token that will allow us access this user's information on twitter. Again, we must store all these tokens in the datastore so that everytime our user need not authorize us.
- Now its all done. We have in our datastore the request token, the access token and the oauth verifier ad oauth token. We will always create an object of OAuthHandler using these data whenever we want to access someone's twitter information.
- To use the tweepy's twitter APIs, we need to create an instance of tweepy's API class using the OAuthHandler object created in last step.
Well, that explains pretty much of how tweepy works. If you have found any issues with the code at http://code.google.com/p/codecontrol-samples/, create an issue and i will be more than happy to fix it up.
The code can be directly downloaded from http://codecontrol-samples.googlecode.com/files/gae-tweepy.tar.gz.
Hello Pranav,
ReplyDeleteYour blog is simply awesome!. It helped me understand & implement OAuth very straightforwadly. I am in Pune too and owe you a coffee for this :D. sgurminder _at_ gmail _dot_ com
Sure, i will let you know when i am in Pune next time :-)
ReplyDeletehey,
ReplyDeletemy app on GAE always asks for authorization.
Can i somehow make sure that a user who is authorized doesn't have to authorize d app again ?
Are you saving the authentication token and using it in subsequent requests?
ReplyDeleteyes,
ReplyDeleteThe user will authorize first time nd i save his/her token. bt wen user comes to my site d second time, hw would i knw which access token to use from my database.
The tutorial here is for aurhorization, nd wat i need to do is authentication.