File: authentication.md

package info (click to toggle)
python-discogs-client 2.8-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 572 kB
  • sloc: python: 1,719; sh: 83; makefile: 18
file content (138 lines) | stat: -rw-r--r-- 4,490 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
 
# Authentication

There are two forms of authentication the Discogs API allows: OAuth and
User-token Authentication.

User-token Authentication is great as a simple solution for scripts that just
want to use endpoint that require authentication, or for users who are writing
apps that only represent a single user (e.g., writing a store-front for your
Discogs seller account).

OAuth is useful if you want to create an application where a user uses your app
as a proxy to make requests and change information about their Discogs account.
This includes profile information, collection and wantlist information, and
marketplace changes.

Never share your user token keys and secrets with anyone.  You will want to make sure you don't commit them to your Git repository.

We will cover both forms of authentication below.

## User-token Authentication

This is the simpler one of the two authentication methods. You need to generate
a token in the developer's section of your Discogs user account settings:

["Click user avatar on top right of screen" - "Settings" - "Developers"](
https://www.discogs.com/settings/developers) - "Generate new token ".

Supply the token to the `Client` class:

```python
import discogs_client
d = discogs_client.Client('my_user_agent/1.0', user_token='my_user_token')
```

That's it! You are now free to make authenticated requests. The downside is
that you'll be limited to the information only your user account can see
(i.e., no requests on behalf of other users).



## OAuth Authentication

OAuth is an open protocol commonly used for authorization (and in this case,
authentication as well). For more information on the OAuth specification,
please visit the OAuth website: http://oauth.net/

A Discogs consumer key and consumer secret are required for OAuth, to get
those go to the developer's section of your Discogs user account settings:

["Click user avatar on top right of screen" - "Settings" - "Developers"](
https://www.discogs.com/settings/developers) - "Create
an appplication". Fill out the form, copy consumer key and secret and optionally
add a custom callback url.

1. Importing the client library:
    ```python
    import discogs_client
    ```

2. Instantiating the `Client` class with the consumer key and secret:

    ```python
    d = discogs_client.Client(
        'my_user_agent/1.0',
        consumer_key='my_consumer_key',
        consumer_secret='my_consumer_secret'
    )
    ```

    You can also supply your OAuth token and token secret if you already have
    them saved, as so:

    ```python
    d = discogs_client.Client(
        'my_user_agent/1.0',
        consumer_key='my_consumer_key',
        consumer_secret='my_consumer_secret',
        token=u'my_token',
        secret=u'my_token_secret'
    )
    ```

    Alternativaly the `set_consumer_key()` method can be used on an already
    existing Client object to supply consumer key and secret.

    ```python
    d = discogs_client.Client('my_user_agent/1.0')
    d.set_consumer_key('my_consumer_key', 'my_consumer_secret')
    ```

4. Get authorization URL

    ```python
    d.get_authorize_url()
    ```

    This will return a tuple with the request token, request secret, and **the
    authorization URL that your user needs to visit** to accept your app's
    request to sign in on their behalf.

    If you are writing a web application, you can specify a string argument
    to this method that will be used as the `callback_url`:

    ```
    d.get_authorize_url('https://your.callback.url')
    ```

    If the user clicks on the returned discogs.com oauth url, the request token
    and request secret will be transmitted as the URL parameters to the provided
    callback URL:

    https://your.callback.url?oauth_token=secret_1&oauth_verifier=secret_2

5. Get OAuth access token

    Pass the OAuth verifier that you received after the user authorizes your app
    into this method. This will return a tuple with the access token and access
    token secret that finalizes the OAuth process.

    ```python
    d.get_access_token('verifier-here')
    ```

6. Verify

    We are free to make OAuth-based requests now. A smoke-test to verify
    everything is working is to call the `identity()` method:

    ```python
    me = d.identity()
    ```

    This will return a `User` object if everything is okay.

## More information

Find out more details about the authentication methods in the module
documentation: {class}`discogs_client.client.Client`