Dr. Twoot authentication redux

I decided that last night’s configuration instructions for Dr. Twoot (the world’s greatest Twitter client) were unnecessarily long, so I wrote a quick little configuration script that prompts you for your Twitter username and password and prints out the required authentication lines.

The script is called config.py:

 1:  #!/usr/bin/python
 2:  
 3:  from base64 import b64encode
 4:  from urllib import urlopen
 5:  from getpass import getpass
 6:  import re
 7:  
 8:  print '''Enter your Twitter username and password.
 9:  The password will not appear as you type it.
10:  '''
11:  
12:  uname = raw_input('Username: ')
13:  # pword = raw_input('Password: ')
14:  pword = getpass('Password: ')
15:  
16:  url = 'http://twitter.com/users/show/%s.xml' % uname
17:  uid = re.sub(r'\s*</?id>\s*', '', urlopen(url).readlines()[2])
18:  
19:  print '''
20:  Copy the following two lines and paste into twoot.js.
21:  '''
22:  print "var UID = %s;" % uid
23:  print "var B64AUTH = '%s';" % b64encode('%s:%s' % (uname, pword))

From the command line, cd into your drtwoot directory and execute

python config.py

You’ll be prompted for your Twitter username and password and out will pop two lines that will look something like this:

var UID = 987654321;
var B64AUTH = 'c21lYWdvbDpwcmVjaW91cw==';

Copy these and paste them into Lines 8-9 of twoot.js, and your copy of Dr. Twoot will be customized for your account. All of this is in the GitHub repository.

As you can see script connects to twitter.com to get the user ID number, but doesn’t store or send your password. As currently written, the password is not echoed to the screen. If you like to see what you’re typing as you type it, and you’re not worried about shoulder surfers, you can comment out Line 14 and uncomment Line 13.

Line 17 does a lot of work. It

  1. connects to Twitter;
  2. reads your publicly-available user data and puts it into a list of lines;
  3. extracts the third line of that data; and
  4. erases the <id></id> XML tags and any whitespace, leaving just the user ID number.

Line 23 generates the Basic Authentication string by doing a base64 encoding of your username and password, separated by a colon.

I thought about having the configuration script edit twoot.js directly, but it didn’t seem worth the effort. Users who know how to create a site-specific browser with Fluid aren’t likely to object to a simple cut and paste.