Django facebook app: missing signed_request

Question

Django facebook app: missing signed_request

Inspired by writing the application for the facebook application after 20 minutes in Hacker News, I am writing the application for facebook, and the home page works fine: an empty list of poems is displayed. However, I am unable to create a link from one view to another.

I am using django, here is the code:

from urls.py

urlpatterns = patterns('', url(r'^$', 'crosswords.ugly.views.home', name='home'), url(r'^create/$', 'crosswords.ugly.views.create', name='create'),

From views.py:

 @canvas_only def create(request): if request.method == 'GET': return render(request, 'create.html', { 'form': PoemEntryForm(request.GET) })

From: templates: home.html

 <p>Would you like to create a <a href="/create/">new poem</a>?</p>

Please let me know if there are any specific files that I can publish to highlight the problem, and I will do it. I tried various options for / create /, / create and even created / in urls.py and a link in home.html.

The problem is that I keep getting this message:

400 Bad Request
Missing signed_request.

when trying to click a link in home.html. Any help from experienced django, facebook or -developers would be appreciated.

+4

python django django-urls django-views pythonanywhere

lowerkey Sep 01 '12 at 0:48

source share

2 answers

lowerkey · Answer 1 · 2012-09-01T01:22:28+0000

I found the answer to the question:

The problem was that I did not use the <a href="site{% url url_name %}">... as defined in urls.py. In this case, <a href="site{% url create %}">... did wonders :)

Pynchia · Answer 2 · 2013-03-14T01:06:01+0000

After spending several hours trying to understand why a simple link to my application page will trigger the dangerous message "400 Bad Request - Missing signed_request". I stumbled upon this post and I finally started to solve the riddle.

Slowly load facebook canvas app when clicking on links (if target vertex)

In short: YOU SHOULD use any decorator (e.g. @canvas_only or @facebook_required) in your view. Instead, as suggested, save the information in the session the first time you get this information (say, FB username and username). I do this on my homepage (the only view decorated by @canvas_only). Nota Bene: in order to be able to store something in the session, you need to include it in your settings.py: it should be in order in the MIDDLEWARE section already, but also add it to INSTALLED_APPS by uncommenting the entry "django". contrib.sessions'.
Now do syncdb (python manage.py syncdb) to make sure the corresponding tables are created (I assume the session is stored in db). If you need this for further calls to the FB API, also save the access_token in the session (request.session ['signed_request'] = access_token)

Which really causes the problem, however, is redirected to the page at the end of the view, for example. with redirection () or with HttpResponseRedirect (). This causes a GET request, not a POST request.
Oh by the way, did I mention that all GET requests become POST? HAHAHAH is this confusing, hey? In addition, there are some serious security implications that need to be considered.

I just started playing with this material, so please use the current information as tips and tricks, not as commandments.

Django facebook app: missing signed_request

More articles: