pbr-ayct-backend/ayct_backend/twitter/__init__.py

from uuid import uuid4
from requests_oauthlib import OAuth1Session
from flask import Blueprint, Response, current_app, request, jsonify
from ayct_backend.models import *
from ayct_backend.firebase import verify_token

twitter = Blueprint('twitter', __name__)

@twitter.route('/account', methods=['GET'])
def get_twitter_accounts():
    decoded_token = verify_token(request.headers)
    if not decoded_token:
        return "Not authorised!", 401

    user_id = decoded_token['sub']

    twitter_accounts = TwitterAccount.query.filter_by(user_id=user_id).all()

    accounts = []

    for account in twitter_accounts:
        account_data = {}
        account_data['twitter_account_id'] = account.twitter_account_id
        account_data['username'] = account.username
        accounts.append(account_data)

    return jsonify({
        "twitter_accounts": accounts
    }), 200

@twitter.route('/account', methods=['POST'])
def add_twitter_account():
    decoded_token = verify_token(request.headers)
    if not decoded_token:
        return "Not authorised!", 401

    user_id = decoded_token['sub']

    content_type = request.headers.get('Content-Type')
    if content_type != 'application/json':
        return "Content-type not supported!", 400

    request_json = request.json
    if 'veryfier' not in request_json or 'oauth_token' not in request_json or 'oauth_token_secret' not in request_json:
        return "Invalid request!", 400

    consumer_key = current_app.config["TWITTER_CONSUMER_KEY"]
    consumer_secret = current_app.config["TWITTER_CONSUMER_SECERT"]

    access_token_url = "https://api.twitter.com/oauth/access_token"
    oauth = OAuth1Session(
        consumer_key,
        client_secret = consumer_secret,
        resource_owner_key = request_json['oauth_token'],
        resource_owner_secret = request_json['oauth_token_secret'],
        verifier = request_json['veryfier'],
    )
    oauth_tokens = oauth.fetch_access_token(access_token_url)

    twitter_account = TwitterAccount.query.filter_by(user_id=user_id, twitter_account_id=oauth_tokens['user_id']).first()

    if twitter_account:
        return "Account already exists!", 409

    twitter_account = TwitterAccount(
        id = str(uuid4()),
        user_id = user_id,
        twitter_account_id = oauth_tokens['user_id'],
        username = oauth_tokens['screen_name'],
        access_token = oauth_tokens['oauth_token'],
        access_token_secret = oauth_tokens['oauth_token_secret']
    )

    db.session.add(twitter_account)
    db.session.commit()
    
    return "Twitter account succesfully added.", 201

@twitter.route('/account', methods=['DELETE'])
def delete_twitter_account():
    decoded_token = verify_token(request.headers)
    if not decoded_token:
        return "Not authorised!", 401

    user_id = decoded_token['sub']

    content_type = request.headers.get('Content-Type')
    if content_type != 'application/json':
        return "Content-type not supported!", 400

    request_json = request.json
    if 'twitter_account_id' not in request_json:
        return "Invalid request!", 400

    twitter_account = TwitterAccount.query.filter_by(user_id=user_id, twitter_account_id=request_json['twitter_account_id']).first()

    if not twitter_account:
        return "Account not found!", 404

    db.session.delete(twitter_account)
    db.session.commit()

    return "Twitter account succesfully deleted.", 200