I Built a "One Click Social Media Automation Platform" with Python & FastAPI

TL;DR — I built a self-hosted web app where you write one post and publish it to LinkedIn, Telegram, Twitter, Reddit, Instagram, and Facebook — all from a single dashboard — using FastAPI, OAuth2, encrypted credentials… and a lot of vibe coding.

Why I Built This

Every day I was doing the same thing:

• Open LinkedIn → Paste
• Open Twitter → Paste
• Open Telegram → Paste
• Open Reddit → Paste

Same content. Five tabs. Repeat.

At some point I thought:

If I don’t automate this, I don’t deserve to call myself a developer.

So I built it.

The goal:

• One text box
• One click
• Multiple platforms posted instantly Simple idea. Not-so-simple execution 😅

Tech Stack

Here’s what powers the platform:

• Backend: FastAPI
• Database: SQLite + SQLAlchemy
• Auth: JWT + bcrypt
• Encryption: Fernet (cryptography)
• Templates: Jinja2
• LinkedIn: OAuth2 + UGC Posts API
• Telegram: Telethon (personal account, not a bot)
• Twitter: Tweepy
• Reddit: PRAW
• Instagram & Facebook: Meta Graph API

Fully self-hosted. Clean. Dark-mode dashboard. No SaaS dependency.

Built with “Vibe Coding”

This project wasn’t built with a strict corporate sprint board.

It was built with:

• Coffee ☕
• Lo-fi music 🎶
• Random 2AM debugging
• “Let me try this” experiments

Some nights I was designing encryption logic.
Some nights I was fighting LinkedIn OAuth.
Some nights I was just staring at Telegram flood-wait errors.

That’s vibe coding.

Not perfect.
Not linear.
But deeply fun.

Clean Architecture (Future-Proof)

The best decision I made?

Each platform has its own service class.

All of them follow the same structure:

validate_credentials()
post(content)

So the router doesn’t care which platform it’s calling.

If tomorrow I add Threads or YouTube?

I just create another service class.

No messy logic. No rewriting half the project.

Security First

I refused to store API keys in plain text.

All credentials are encrypted using Fernet before saving to the database.

The encryption key lives only in .env.

When posting:

• Keys are decrypted in memory
• Used immediately
• Never logged

It may be a personal project — but I treated it like production.

LinkedIn OAuth2 — The Real Boss Fight

LinkedIn doesn’t allow lazy token pasting.

It requires a full OAuth2 flow:

Click connect → Redirect → Approve → Callback → Exchange token → Encrypt → Save.

The hardest part?

Decoding the id_token to extract the person URN.

Base64 padding math at midnight hits differently 😭

But once it worked… posting to LinkedIn programmatically felt like unlocking an achievement.

Telegram — My Favorite Feature

Instead of using a bot, I used Telethon with my personal Telegram account.

Which means:

• It lists all your groups
• You choose where to post
• It sends messages to all selected groups

With a 1-second delay between messages.

Because Telegram flood wait is not a joke

What This Project Taught Me

• Architecture matters more than code length.
• OAuth2 is painful but powerful.
• Encryption is easy to add — don’t ignore it.
• Rate limits will humble you.
• Building your own tools is the fastest way to grow. And honestly?

Vibe coding works — if you care about what you're building.

What’s Next?

• Image upload support for Instagram
• Post scheduling
• Analytics dashboard
• Multi-user SaaS version
• Token refresh automation

This started as:

“I’m tired of copy-pasting.”

Now it’s slowly turning into something much bigger.

If you're building something similar or experimenting with automation + FastAPI, I’d love to hear your experience.

Built with , Python, FastAPI, and chaotic 2AM vibe coding.