Security cam blog posts on Tumblr

Module Mojo

As in previous Perl columns [3] featuring OAuth-controlled Perl applications such as Google Drive, Listing 1 [4] also uses the Mojolicious module from CPAN to ask permission to publish blog entries. When launched by typing ./tumblr-oauth, it outputs the message:

Listing 1



[Sat Oct 12 09:56:27 2013] [info]
Listening at "http://localhost:8082".
Server available at http://localhost:8082.

and then launches a web server on port 8082 of localhost. If a browser now requests the URL http://localhost:8082, the script just sends a link with the text Login on Tumblr. When you click the link, you are taken to the Tumblr login page, where you need to identify yourself with your email address and password, if you were not already logged in.

Tumblr then displays the dialog shown in Figure 8 to the user, asking permission for the Perlsnapshot application to read and write to the blog. The blog I set up previously for test purposes under the name of "Schtonk's Rants" at will be used for the camera images later on. If the user now presses Allow, Tumblr refers the browser back to the previously set callback URL (http://localhost:8082) and hands over two access tokens to the local web server: oauth_token and oauth_verifier.

Figure 8: The user authorizes the script for posting new articles on Tumblr.

Armed with these tokens, the recipient can mess around with the users' blogs  – within the constraints of the permissions  – as if logged in as the users themselves. However, application users do not need to share a password but only a token, which they can revoke at any time.

A Local Web Server

To do this, Listing 1 draws on the CPAN WWW::Tumblr::Authentication::OAuth module, which includes the necessary URLs for retrieving tokens. The variables in lines 15 and 16 contain the $consumer_key and $secret_key values obtained in Figure 7 on registering the application.

Before the Mojolicious::Lite module starts the server, it expects some options on the command line. Against all expectations, the daemon option starts the web server in the foreground and --listen is assigned the local URL to listen to in line 13. To avoid the need to pass in command-line parameters to tumblr-oauth, line 28 unceremoniously stuffs the options into the @ARGV array and then foists them onto the Mojolicious module.

Browser requests for port 8082 without a path are fielded by the code starting in line 34, which sets the stash variable login_url and thus converts the template in the DATA area of the script, starting in line 90, into an HTML page with a login link, which the browser then displays. If Tumblr redirects back to the Mojolicious server after obtaining permission from the user, this happens in the /callback path, and the code from line 45 is executed.

Line 62 uses DumpFile() from the CPAN YAML module to store all four tokens received, as well as two new access tokens created with token() and token_secret(), respectively, in YAML-readable format in the .tumblr.yml file in the home directory. Application scripts later access the file, read the tokens, and thus gain access to the user's blog.

Shots Through the Window

Listing 2 shows the actual application that grabs photos from the surveillance camera. In line 16, you need to insert the address of your own camera, plus the username and password for the camera's web interface in lines 20 and 21. The WWW::Mechanize type object's credentials() method stores this information and automatically adds it to web requests when the camera's web server asks for a password. All you really need to retrieve data from a web server is the Perl LWP::UserAgent module, but the WWW::Mechanize superclass provides a more convenient credentials() method that requires fewer parameters.

Listing 2



The Foscam camera delivers a snapshot of its field of view as /snapshot.cgi; the blurt() function from the CPAN Sysadm::Install module writes the image data to a local file named snapshot.jpg in lines 27 and 28.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Perl: Spotify

    For a monthly fee, the Spotify streaming service beams music onto your desktop or phone. To intensify the groove, Perlmeister Mike Schilli archived his Spotify playlists for eternity using an OAuth-protected web API.

  • Programmatically change YouTube metadata

    Instead of manually editing the metadata of YouTube movies, video craftsman Mike Schilli dips into YouTube’s API spell book and lets a script automatically do the work.

  • Perl: Dropbox

    The proprietary Dropbox service has become a popular way to exchange large files. The Dropbox web API also supports scripts, like the one in this article that picks up files from behind a firewall.

  • Programming Snapshot – Driving Data

    A connector plugged into the diagnostic port of Mike Schilli's cars sends current information such as speed, acceleration, and fuel economy via the mobile phone network to a cloud service. An app and a programmable API read out the data and provide stunning visualizations.

  • Perl: Google Drive

    Armed with a Chinese guillotine and a scanner with an automatic document feeder, Mike Schilli gives his books some special treatment, courtesy of Google Drive, which offers 5GB of storage space – room enough to start an online PDF collection.

comments powered by Disqus