I have been looking for an explanation on how to do this using this particular set of libraries and couldn't really find anything simple and straightforward enough. Since I have figured out a working way myself, I decided to drop it here for people who might be also be looking for this (other beginners like me).
Please feel free to suggest a better solution if one comes to mind!
from flask import Flask, flash, redirect, render_template, request, session, url_for
from twython import Twython, TwythonAuthError, TwythonError, TwythonRateLimitError
from flask_session import Session
from tempfile import mkdtemp
# configure application
app = Flask(__name__)
app.config["SESSION_FILE_DIR"] = mkdtemp()
app.config["SESSION_PERMANENT"] = False
app.config["SESSION_TYPE"] = "filesystem"
Session(app)
app.config['SECRET_KEY'] = 'your app secret key'
APP_KEY = 'Your Twitter App Key'
APP_SECRET = 'Your Twitter App Secret'
@app.route('/', methods=["GET", "POST"])
def index():
if request.method == 'POST':
twitter = Twython(APP_KEY, APP_SECRET)
auth = twitter.get_authentication_tokens(callback_url='http://yourwebsite.com/login')
session['OAUTH_TOKEN'] = auth['oauth_token']
session['OAUTH_TOKEN_SECRET'] = auth['oauth_token_secret']
return redirect(auth['auth_url'])
else:
return render_template('index.html')
@app.route('/login')
def login():
oauth_verifier = request.args.get('oauth_verifier')
OAUTH_TOKEN=session['OAUTH_TOKEN']
OAUTH_TOKEN_SECRET=session['OAUTH_TOKEN_SECRET']
twitter = Twython(APP_KEY, APP_SECRET, OAUTH_TOKEN, OAUTH_TOKEN_SECRET)
final_step = twitter.get_authorized_tokens(oauth_verifier)
session['OAUTH_TOKEN'] = final_step['oauth_token']
session['OAUTH_TOKEN_SECRET'] = final_step['oauth_token_secret']
OAUTH_TOKEN = session['OAUTH_TOKEN']
OAUTH_TOKEN_SECRET = session['OAUTH_TOKEN_SECRET']
session['twitter'] = Twython(APP_KEY, APP_SECRET, OAUTH_TOKEN, OAUTH_TOKEN_SECRET)
flash("You've logged in!")
return redirect('/')
When website is accessed via link, render_template('index.html') renders a dynamic site that contain a "Log In with Twitter" button (form with a POST method) if user not logged in, or content otherwise. At the end of the login route I create a Twython session variable for application wide use to access Twitter data, and then redirect user back to index page (to clear the url that contains authentifier parameters). That's it, this works for me well as of now.
