Getting 401 error



import oauth2 as oauth
import cgi


from django.shortcuts import render_to_response
from django.http import HttpResponseRedirect
from django.conf import settings
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.models import User
from django.contrib.auth.decorators import login_required


from twitt.models import Profile

It’s probably a good idea to put your consumer’s OAuth token and

OAuth secret into your project’s settings.

TWITTER_TOKEN='my token '
TWITTER_SECRET='my secret’
consumer = oauth.Consumer(TWITTER_TOKEN,TWITTER_SECRET)
client = oauth.Client(consumer)

request_token_url = '
access_token_url = ‘

This is the slightly different URL used to authenticate/authorize.

authenticate_url = ‘

def twitter_login(request):
# Step 1. Get a request token from Twitter.
resp, content = client.request(request_token_url, “GET”)
if resp[‘status’] != ‘200’:
raise Exception(“Invalid response from Twitter.”)

# Step 2. Store the request token in a session for later use.
request.session['request_token'] = dict(cgi.parse_qsl(content))

# Step 3. Redirect the user to the authentication URL.
url = "%s?oauth_token=%s" % (authenticate_url,

return HttpResponseRedirect(url)

def twitter_logout(request):
# Log a user out using Django’s logout function and redirect them
# back to the homepage.
return HttpResponseRedirect(’/’)

def twitter_authenticated(request):
# Step 1. Use the request token in the session to build a new client.
token = oauth.Token(request.session[‘request_token’][‘oauth_token’],
client = oauth.Client(consumer, token)

# Step 2. Request the authorized access token from Twitter.
resp, content = client.request(access_token_url, "GET")

if resp['status'] != '200':                               //i get the error 401 here
    print content
    raise Exception(resp['status'])

This is what you'll get back from Twitter. Note that it includes the
user's user_id and screen_name.
    'oauth_token_secret': 'IcJXPiJh8be3BjDWW50uCY31chyhsMHEhqJVsphC3M',
    'user_id': '120889797', 
    'oauth_token': '120889797-H5zNnM3qE0iFoTTpNEHIz3noL9FKzXiOxwtnyVOD',
    'screen_name': 'heyismysiteup'
access_token = dict(cgi.parse_qsl(content))

# Step 3. Lookup the user or create them if they don't exist.
    user = User.objects.get(username=access_token['screen_name'])
except User.DoesNotExist:
    # When creating the user I just use their
    # for their email and the oauth_token_secret for their password.
    # These two things will likely never be used. Alternatively, you 
    # can prompt them for their email here. Either way, the password 
    # should never be used.
    user = User.objects.create_user(access_token['screen_name'],
        '' % access_token['screen_name'],

    # Save our permanent token and secret for later.
    profile = Profile()
    profile.user = user
    profile.oauth_token = access_token['oauth_token']
    profile.oauth_secret = access_token['oauth_token_secret']

# Authenticate the user and log them in using Django's pre-built 
# functions for these things.
user = authenticate(username=access_token['screen_name'],
login(request, user)

return HttpResponseRedirect('/')


Hi – I’m having a very similar problem using twython_django_oauth, which has a workflow almost identical to the above. I can successfully create a user the first time the user successfully enters Twitter credentials. However, when the user tries to log in a second time, a new ‘oauth_token_secret’ is passed into the authenticate step rather than the secret token stored when the user authorizes through Twitter the first time. I can’t figure out why, based on the twython_django_oauth view very similar to the above, the stored secret token isn’t simply funneled into authenticate and an authenticated user logged in.


help error sign in with twitter 401