I have long wanted to open my page on vkontakte.ru
and finally I can do it! in theory…
So, the main idea is to use the data of my profile on the site vkontakte.ru when forming my home page (it naturally does not require any authentication and is visible to the entire Internet - this is the meaning of “opening a profile”). I plan to do this using an API that I recently opened to develop social networks and client applications based on vkontakte.ru (userapi.com).
why do I need this? everything is simple - I don’t have a blog yet and I don’t have a homepage either, but sometimes I write notes on vkontakte.ru and I want to fumble them with those who prefer blogs and xml-tapes (I myself prefer Google reader) + with those who still does not know me and may never know if google and yandes will not know ... + there is enough information in my profile that I don’t want to hide, but I don’t want to copy it to my website as I change
')
+ I will be able to comment with openid and generally wake up open social :)
UPD
I registered my “project” on userapi.com and received the project id - during authorization you need to specify this identifier - this is done in order for me to be able to log in using only my number on the site (it is indicated when registering the project).
Then I tried to log in as written in the documentation and entered into the browser line:
login.userapi.com/auth?login=force&site= [MY_PROJECT_ID] & email = [MY_EMAIL] & pass = [MY_PASSWORD]
the server redirected me to the site of my project # sid = generated session ID
"Strange mechanism" - I thought - "but it works and what's the difference how do I get this identifier"
then I tried to access the data (from the examples in the documentation) - you pass the session identifier and other request parameters, and in response you get the data - it works :)
I then wrote a little code to get a little closer to my idea:
everything worked and I decided to transfer this business to the hosting in order to quickly create my website on django :) and what do I see? I can not connect to the server !!! I look into the code, try wget, then lynx is the same! I check the connection with other hosts - everything works, I copy the script to another hosting - again it does not work :) please execute my friend script - it works ... and here I understand hosters are stupidly banned !!! what for?
We look into the documentation and think ... api is written with a view to working through AJAX (in most requests the name of the callback is transmitted and the “strange” authorization is done for the same reasons). hosters apparently banned in order not to be able to “merge” the data directly and as protection against violations of the user agreement, assuming that the development of third-party projects will be conducted in such a way that requests to userapi.com will go directly from the user bypassing the project server ie a third-party project on sute would provide only an interface ...
in my opinion, very foolish enough protection ... no one bothers to steal user data, and most importantly passwords using the same AJAX (just insert the code thief is not always to get confidence) ... why it was not done authorization as it is implemented in the openid ?! strange ...
In the end, I think, it’s not a problem to find a “clean” hosting, but maybe it was a stupid idea? and vkontakte.ru is not my choice?
So, the main idea is to use the data of my profile on the site vkontakte.ru when forming my home page (it naturally does not require any authentication and is visible to the entire Internet - this is the meaning of “opening a profile”). I plan to do this using an API that I recently opened to develop social networks and client applications based on vkontakte.ru (userapi.com).
why do I need this? everything is simple - I don’t have a blog yet and I don’t have a homepage either, but sometimes I write notes on vkontakte.ru and I want to fumble them with those who prefer blogs and xml-tapes (I myself prefer Google reader) + with those who still does not know me and may never know if google and yandes will not know ... + there is enough information in my profile that I don’t want to hide, but I don’t want to copy it to my website as I change
')
+ I will be able to comment with openid and generally wake up open social :)
UPD
I registered my “project” on userapi.com and received the project id - during authorization you need to specify this identifier - this is done in order for me to be able to log in using only my number on the site (it is indicated when registering the project).
Then I tried to log in as written in the documentation and entered into the browser line:
login.userapi.com/auth?login=force&site= [MY_PROJECT_ID] & email = [MY_EMAIL] & pass = [MY_PASSWORD]
the server redirected me to the site of my project # sid = generated session ID
"Strange mechanism" - I thought - "but it works and what's the difference how do I get this identifier"
then I tried to access the data (from the examples in the documentation) - you pass the session identifier and other request parameters, and in response you get the data - it works :)
I then wrote a little code to get a little closer to my idea:
from httplib import HTTPConnection
from urllib import urlencode
import re
site = [MY_PROJECT_ID]
email = [MY_EMAIL]
password = [MY_PASSWORD]
id = 389606
auth_conn = HTTPConnection("login.userapi.com")
auth_conn.request("GET", "/auth?"+urlencode({"login": "force",
"site":site,
"email": email,
"pass":password,}))
auth_resp = auth_conn.getresponse()
location = auth_resp.getheader("location")
auth_conn.close()
sid = re.compile("\w+$").search(location).group()
conn = HTTPConnection("userapi.com")
conn.request("GET", "/data?"+urlencode({"act": "activity",
"from": 0,
"to": 10,
"id": id,
"sid": sid,}))
resp = conn.getresponse()
data = resp.read()
print data
conn.close()
everything worked and I decided to transfer this business to the hosting in order to quickly create my website on django :) and what do I see? I can not connect to the server !!! I look into the code, try wget, then lynx is the same! I check the connection with other hosts - everything works, I copy the script to another hosting - again it does not work :) please execute my friend script - it works ... and here I understand hosters are stupidly banned !!! what for?
We look into the documentation and think ... api is written with a view to working through AJAX (in most requests the name of the callback is transmitted and the “strange” authorization is done for the same reasons). hosters apparently banned in order not to be able to “merge” the data directly and as protection against violations of the user agreement, assuming that the development of third-party projects will be conducted in such a way that requests to userapi.com will go directly from the user bypassing the project server ie a third-party project on sute would provide only an interface ...
in my opinion, very foolish enough protection ... no one bothers to steal user data, and most importantly passwords using the same AJAX (just insert the code thief is not always to get confidence) ... why it was not done authorization as it is implemented in the openid ?! strange ...
In the end, I think, it’s not a problem to find a “clean” hosting, but maybe it was a stupid idea? and vkontakte.ru is not my choice?
Source: https://habr.com/ru/post/44660/
All Articles