Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updating Meetup API Call #27

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Updating Meetup API Call #27

wants to merge 2 commits into from

Conversation

joshfinnie
Copy link
Member

Updating the meetup api to only show NodeDC meetups. For some reason it was also showing all of my meetups... weird!

@adunkman
Copy link
Member

adunkman commented Mar 9, 2015

Just noticed that this morning, too.

adunkman
adunkman reviewed Mar 9, 2015
View reviewed changes
routes/api/meetup.js
@@ -7,10 +7,10 @@ var request = require('request');

exports.meetups = function (req, res) {
'use strict';
var url = 'http://api.meetup.com/2/events?status=upcoming&order=time&limited_events=False&group_urlname=node-dc&desc=false&member_id=26710252&offset=0&format=json&page=20&fields=&sig_id=26710252&sig=f9a8c7e4076e5ed5825f06378a855415af3722a9';
var url = 'https://api.meetup.com/2/events?offset=0&format=json&limited_events=False&group_urlname=node-dc&photo-host=public&page=20&fields=&order=time&desc=false&status=upcoming&sig_id=26710252&sig=dc51b92626c66cdedabf20d5c39aceb4720eb70a';
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are these sig parameters secrets?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@adunkman I am not really sure... might be, but that is the test URL they give me. I will do some more research and see what's actually secrete if anything.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

secrete… gross. :)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is what a signed API url is:

Similar to OAuth signing, this method of authentication certifies that a request was approved by a particular user. Unlike OAuth-signed requests, key-signed requests may be reused and recycled as long as their corresponding API key is valid. If a signed URL is released to the public, any application can use it to interact with Meetup as if it had that API key; the difference is that it can not change definitive parameters or use the signature against other API methods.

We can use an API key as well, so maybe we should move it to an environment variable. Thoughts?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, we should probably move to using our API key from an environmental variable, since somebody could hammer that URL and cause our API key to be throttled/banned.

But, that sounds like a lovely problem for Future Josh and Future Andrew. Created #29.

@adunkman
Copy link
Member

adunkman commented Mar 9, 2015

👍, if those are secrets we should move them to environmental variables and regenerate them — but not something that needs to happen in this PR, obviously. :)

@adunkman adunkman mentioned this pull request Mar 9, 2015
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@joshfinnie @adunkman