Our Use case is Anyone can create a site in our platform bit as Wix lets say. Each Site has its own Community & Chat.
So I used my appId, secret key to create the user session token for the user of the site1 says site-1-user-1 for displaying the community of site1.
I used react-activity-feed components to display the timeline feed of user site-1-user-1 (timeline:site-1-user-1)
I also displayed status update from above the activity feeds using react component. So when I post in this status update form, the activity gets displayed as by site-1-user-1.
How do I post activity as a different user say site-1-user-2 using the same token? I want the timeline feed with status update form to be displayed as a discussion forum where any logged in user can post any topic and see other activities also.
I am able to do this using PHP and getStream SDK.
How is it possible by using the react component?
Stream restricts actions user is able to perform when using client-side tokens:
User is able to read any feed
User is able to make feeds with her user-id follow any feed
User is able to post to feeds with her user-id
Client side tokens can only be used to perform the actions as the user the token was created for.
If you need to be able to impersonate other users or post contents for users to feeds they have no access to you will have to user server-side stream api
Related
I have a question on micro-service architecture. example I have :
An authorization and authentication server which provide JWT (Keycloak for exemple)
2 micro service which communicate between them through REST.
1 micro service is a user service which create a new user in my database on each new user from the Keycloak (may be tomorrow we have Google or Github, it's important to take this in mind). When I'm creating a user I store his subject from claim in a specific field.
1 micro service which store the creatorId, the updateById for blog post for exemple.
Is it better to store in my creatorId and updatedById the subject (Like this I don't need to ask to my user service to identify who is a creator) or to store the userId from my user service and everytime call from my post-service which is the user that made the request (So I made Everytime a rest request to get the user which send the request by passing the JWT token to the user service).
IMO, sending Everytime a rest request will increase the load on the user service but a subject id for a different user can be the same for Google, Github and Keycloak.
I would do the following, so that you can move to a different Authorization Server (Google / Github) in future without too much impact:
User Service creates a row in its Users Table for each new user, with a database surrogate key as the main user id
This user id is saved to your creatorId / updateById fields
Meanwhile the OAuth Id / Sub claim is a column in the Users Table, but is not the main user identifier from business logic
The Posts Service can avoid calling the User Service on every single request if you cache claims in the Posts Service. Some resources of mine might give you some ideas that you can apply to your own solution:
User Management Blog Post
Claims Caching Blog Post
Claims Caching Code
my question
is possible get a user id in any way? I would search a user from his name and print his recently artist played
Thanks
This is not possible due to Spotify's Web API has no endpoint where you can fetch user ids by their names.
What you can do is creating an application where a specific user can login using Spotify. Afterwards you can use this endpoint in order to retrieve the recently played tracks of that exact user. The track object in the response will hold the artist as well.
I was trying to make an admissions portal bot and my requirement is to ask the user to enter basic information in a form and click on submit inside the bot itself. Any ideas on how to do this ?
There is no concept of forms in Dialogflow, you would just ask the user for the information that you need. Actions on Google has 'Helpers' for commonly required user information that return the users response as structured data, but if you need something more specific you would have to parse the users response on your own (preferably via a developer entity).
I want to retrieve a list of recent photos with a given tag to display on a website in a very simple gallery.
For that, the doc says I need an access token. However, it seems that the only way to authenticate against Instagram is through OAuth; which involves sending the user to instagram and allowing my application access to their basic data. However, I don't want my users to do anything; I'd like my application to authenticate against Instagram for me and then retrieve the data I want.
Sounds simple, but all online documentation seems to end up in "Redirect your user to...". And I find no sensible ways to do this programatically; it's all about sending users away, letting them authenticate, and then receiving the access token afterwards. I could of course scrape the HTML, parse the forms (for example, the unique-per-session csrfmiddlewaretoken field which needs to be posted along with login requests etc) and let my server side application pretend to be my own user and login/authorize the app, but that doesn't seem like the way to go.
I could also just authenticate manually in the browser, pick up the auth token and paste into my application; but as the doc says: "do not assume your access_token is valid forever." - so I'd like this to be fully automated.
If I try to create a WebClient and POST to https://www.instagram.com/oauth/authorize/?client_id={clientId}&redirect_uri={redirectUri}&response_type=code&scope=basic it just returns a 403 Forbidden which is of no use. (For what it's worth, I'm using C# and have found instasharp, but this problem is not tied to any given platform...)
Am I completely overlooking something, or am I right that server side authentication against Instagram has become really complicated? Most other social media platform API's I've touched lets me get some form of authentication token just by posting a combination of the application id and secret.
I want to build Instagram client for Ubuntu. I already figured out how to get data like user feed through access token through Instagram API. But I can't figure out how to get user news (e.g. someone liked your photo, mentioned you in comment etc.), I guess user need to be logged on to watch his news (via http://instagram.com/api/v1/news/inbox/).
So, the question: is there any way to get user feed through API, or through access token? I don't want to request user password in my application, all I got is access token.
This endpoint (v1/news/inbox/) is not supported by official Instagram API. By the way; you can't access the data.