避免对 Twitter API (node.js) 进行多重验证 [英] Avoiding multiple verification for Twitter API (node.js)

问题描述

我正在尝试在 node.js 中创建一个基本应用程序，它 a) 跟踪 twitter 中的关键字并临时存储与该关键字相关的消息，b) 在积累了足够的消息后，将其返回给用户.我正在使用 ntwitter 库.

I'm trying to create a basic app in node.js that a) tracks a keyword in twitter and temporarily stores messages relating to that keyword, b) after enough messages have been accumulated, return it to the user. I'm using the ntwitter library.

我在客户端和服务器端实现了一个基本的长轮询系统，但在验证时遇到了一些问题.我目前设置的方式是，每次调用/api/streamfeed 时都会验证用户，因此可能每 30 秒(因为我有 30 秒的超时计划)在检查流之前验证一次.我认为这会给我带来麻烦，因为我认为验证是有速率限制的?有没有办法检查我是否通过验证而无需 ping Twitter 的 API(可能在第一次尝试后存储一个布尔值)?

I've a basic long polling system implemented on my client and server side, but I'm having some trouble on verification. The way I set it up currently, it verifies the user each time /api/streamfeed is called, so potentially every 30sec (since I have a 30s timeout schedule) before checking the stream. I'm thinking this will get me into trouble since I believe verification is rate-limited? Is there a way to check whether I'm verified without having to ping Twitter's API (perhaps store a boolean after the first attempt)?

客户端:

//upon receiving a response, poll again
function getStreamFeed() {
  console.log('calling getStreamFeed');
  $http.get('/api/streamfeed').success(function(data) {
    console.log(data)
    getStreamFeed();
  });
};

setTimeout(getStreamFeed, 1000);


Server side:
app.get('/api/streamfeed', function(req, res) {
    /* 
        ...
        polling code
        ...
    */

    twit.verifyCredentials(function(err, data) {
      if (err) res.send(404);
      twit.stream('statuses/filter', {
        track: 'justin bieber'
      }, function(stream) {
        stream.on('data', function(data) {
          console.log(data.text)
          messages.push(data.text);
        });

      })
    });
  });

推荐答案

我会发回凭据并重新发送它们...这可能是一个布尔值，或者要使用的实际凭据.这些不是你的私钥或任何东西，只是用户的.

I'd send the credentials back and resend them again... this could be a bool, or actual credentials to use. these aren't your private keys or anything, only the user's.

也可以在标头和 cookie 中发送并正确散列等.

could also be sent in headers and cookies and properly hashed etc.

这只是简单地展示了一个应该有效的模式.

this just simply shows a pattern that should work.

客户端:

function getStreamFeed(credentials) {
    //upon receiving a response, poll again
    console.log('calling getStreamFeed');
    var url = '/api/streamfeed';
    if (credentials) {
        url += '&credentials=' + credentials;
    }
    $http
        .get(url)
        .success(function(data) {
            console.log(data)
            getStreamFeed(true);
        });
};

setTimeout(getStreamFeed, 1000);

服务器端:

app.get('/api/streamfeed', function(req, res) {
    function twitStream () {
        twit.stream('statuses/filter', {track: 'justin bieber'}, function(stream) {
            stream.on('data', function(data) {
                console.log(data.text)
                messages.push(data.text);
            });
        }
    }
    var credentials = req.query.credentials;
    if (credentials) {
        twitStream()
    }
    twit.verifyCredentials(function(err, data) {
        if (err) res.send(404);
        twitStream()
    });
});

这篇关于避免对 Twitter API (node.js) 进行多重验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！