Product
Go Support Is Now Generally Available
Socket's Go support is now generally available, bringing automatic scanning and deep code analysis to all users with Go projects.
By Peter van der Zee, Ryan Eberhardt - Apr 17, 2025
You're Invited: Meet the Socket team at BSidesSF and RSAC - April 27 - May 1.RSVP →
django-social-connector
Advanced tools
django-social-connector
A Sample Django application for exchanging tokens with Instagram Basic Display API
- Maintainers
- 1
django-social-connector
A sample Django app for OAuth Token Exchange to support Instagram Basic Display API.
[!CAUTION] This app is not meant for production. It lacks certain security features and certain customization options which must be implemented based on the exact use case. It will only work in
DEBUGmode, for development.
Use this app for development only and as a guide for adding your own token exchange backend endpoint.
Adding to Django:
-
Install from PyPi:
pip install django-social-connector -
Add to INSTALLED_APPS:
# settings.py
INSTALLED_APPS = [
# ...
"social_connector",
# ...
]
- Add
INSTAGRAM_APP_IDandINSTAGRAM_SECRETsettings:
# settings.py
import os
INSTAGRAM_APP_ID = os.environ.get("INSTAGRAM_APP_ID")
INSTAGRAM_SECRET = os.environ.get("INSTAGRAM_SECRET")
Note: Your INSTAGRAM_SECRET should be loaded and stored as a secret key. How to do that properly is outside the scope
of this guide and depends on your environment.
- Add a token endpoint to your URLs:
# urls.py
from django.urls import path
from social_connector.views import ig_token
urlpatterns = [
# ...
path('ig_token/', ig_token, name="ig_token"),
# ...
]
You can customize the path and the name as needed.
- The endpoint is ready for use in development.
Troubleshooting
CORS Settings
Make sure your frontend host is allowed for CORS requests in Django.
Moving to Production
This app is for demonstration and development use only.
For production, create your own view in your own codebase.
For being Production ready, the endpoint should have at least the following additional safeguards:
- CSRF protection
- Throttling (limited amount of requests per user per time)
- Further input checks and sanitation before sending the API request to Instagram
- Might require the user being logged in, depending on the specific app's use case
Adding these features will bloat this minimal sample, especially when trying to reduce requirements. Implementation of some of these features also depend on your specific use case.
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
vlt Launches Real-Time Dependency Analysis Powered by Socket
vlt adds real-time security selectors powered by Socket, enabling developers to query and analyze package risks directly in their dependency graph.
By Sarah Gooding - Apr 17, 2025
Security News
CISA Extends MITRE Contract as Crisis Accelerates Alternative CVE Coordination Efforts
CISA extended MITRE’s CVE contract by 11 months, avoiding a shutdown but leaving long-term governance and coordination issues unresolved.
By Sarah Gooding - Apr 16, 2025