Socket
Socket
Sign inDemoInstall

django-social-connector

Package Overview
Dependencies
1
Maintainers
1
Alerts
File Explorer

Install Socket

Detect and block malicious and high-risk dependencies

Install

    django-social-connector

A Sample Django application for exchanging tokens with Instagram Basic Display API

Maintainers
1

Readme

django-social-connector

A sample Django app for OAuth Token Exchange to support Instagram Basic Display API.

[!CAUTION] This app is not meant for production. It lacks certain security features and certain customization options which must be implemented based on the exact use case. It will only work in DEBUG mode, for development.

Use this app for development only and as a guide for adding your own token exchange backend endpoint.

Adding to Django:

  1. Install from PyPi: pip install django-social-connector

  2. Add to INSTALLED_APPS:

# settings.py
INSTALLED_APPS = [
    # ...
    "social_connector",
    # ...
]
  1. Add INSTAGRAM_APP_ID and INSTAGRAM_SECRET settings:
# settings.py
import os

INSTAGRAM_APP_ID = os.environ.get("INSTAGRAM_APP_ID")
INSTAGRAM_SECRET = os.environ.get("INSTAGRAM_SECRET")

Note: Your INSTAGRAM_SECRET should be loaded and stored as a secret key. How to do that properly is outside the scope of this guide and depends on your environment.

  1. Add a token endpoint to your URLs:
# urls.py
from django.urls import path
from social_connector.views import ig_token

urlpatterns = [
    # ...
    path('ig_token/', ig_token, name="ig_token"),
    # ...
]

You can customize the path and the name as needed.

  1. The endpoint is ready for use in development.

Troubleshooting

CORS Settings

Make sure your frontend host is allowed for CORS requests in Django.

Moving to Production

This app is for demonstration and development use only.

For production, create your own view in your own codebase.

For being Production ready, the endpoint should have at least the following additional safeguards:

  • CSRF protection
  • Throttling (limited amount of requests per user per time)
  • Further input checks and sanitation before sending the API request to Instagram
  • Might require the user being logged in, depending on the specific app's use case

Adding these features will bloat this minimal sample, especially when trying to reduce requirements. Implementation of some of these features also depend on your specific use case.

Keywords

FAQs

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Recent Trends in Malicious Packages Targeting Discord

Research

Recent Trends in Malicious Packages Targeting Discord

The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.

By Socket Research Team  -  May 07, 2024
AI + a16z Podcast: Combatting Modern Supply Chain Attacks with AI

Security News

AI + a16z Podcast: Combatting Modern Supply Chain Attacks with AI

Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.

By Sarah Gooding  -  May 07, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc