Lack of authenticated requests #2
Comments
|
Hey Joe, There is actually a group of authenticated calls that are available, so there is no need to hack it using Javascript. The problem is that it requires HTTP Basic Authentication, rather than OAuth. Since this is pretty insecure over a non-ssl connection, I chose not to implement it right away. With authentication, you would be able to validate a user's name/password, love tracks/blogs/searches, see if a user has loved a track, see if a user is friends with another user, and see if a user follows a certain blog. It's worth noting that these are all legitimate API endpoints, it's just the the documentation for some of them isn't public. If you'd like access to the private documentation, I would email [email protected] and tell him you're interested in working on the gem and he'll more than likely shoot it your way. Let me know if you'd like to chat about this implementation and testing it using VCR. |
|
Oh OK. Yeah thats frustrating because the website uses SSL to login so they I'd much rather do the proper API calls so ill hit up Anthony and see --Joe Burgess
|
|
I emailed him, no response yet. :( |
|
Got a response a while back. Work is slowing down, so I'll start making a stab at this properly. |
So I'm looking into modifying the gem to handle authenticated requests. The issue is hypem doesn't reveal any authenticated stuff so I am looking at reverse engineering the javascript.
I am working on a proof of concept set of curl responses, but if I wrote this and submitted for a pull request would you accept it?
I see no better solution since hypem refuses to create and open api. :(
The text was updated successfully, but these errors were encountered: