Rupee History API

Discussion in 'Suggestion Box Archives' started by azoundria, Sep 10, 2014.

  1. Right now, the developers of software like EMC Shopkeeper have to log into the website and parse HTML tables to get rupee history. Not only is it time consuming for a programmer, it's also error-prone, and puts us in an interesting position where the output format cannot change without potentially breaking numerous programs.

    Although developers are obviously the main beneficiaries of an API, I feel the community as a whole will benefit because users will be able to use more tools and not have to reveal their account information when doing so.

    It also opens the doors to adding additional information to the rupee history very easily such as what residence an item was bought at, what server the exchange took place on, the stock level after the transaction occurred, and other, very useful information. This, in turn, makes it easier for shoppers and store owners to use the marketplace.
  2. EMC Shopkeeper is exactly one such tool that would use the API. It currently accesses the transactions in the way I mentioned, via logging you into the website on your PC and then parsing the tables. Every time you use EMC Shopkeeper, server resources are wasted to format the information, and to get extra transactions that you may not be interested in. If EMC were to change the website in a certain way, then EMC Shopkeeper would be broken. EMC Shopkeeper also deals directly with your username and password, which creates security issues and means that you cannot give access to your rupee history to anyone else.

    Also, check this warning:
    It wouldn't exist with a proper API!

    So, EMC Shopkeeper would be improved by my suggestion! Not only that, but many other similar and greater tools could be built more easily.
    sambish20 and 607 like this.
  3. I think releasing an api would be great, but I think less of a focus on transactions would be a more realistic option.
    SoulPunisher likes this.
  4. Everything is already kept on a database, just have to set a recordset from the database and push the information forward into queried dynamic texts - it is easily possible.
    SoulPunisher likes this.
  5. Thanks so much for the support! I think it would be cool to hear from someone behind the scenes about how hard it would be to build a simple API. On the most basic level, users have an authentication token which they give to an application. The application can then download transactions in a format such as CSV or JSON. I don't know how simple the backend is, but it seems that it would be:
    • Adding an access token field to the user table in the database. (~5 minutes)
    • Creating a page which outputs transactions in a format like CSV or JSON if the access token is correct. Some parameters can be accepted and go straight into the query. There is some work involved here to make sure the parameters are escaped and such, testing things out, etc... (~3 hours)
    • Adding a page or area to display the access token field somewhere on your account and allow a new token to be generated if the user wishes. (~30 minutes)
    This is of course assuming the transactions are in a database readily accessible. I have no idea how the backend works.
    SoulPunisher likes this.
  6. Forgive my ignorance, but wouldn't that mean everyone would have to sacrifice the privacy of their rupees history, even those not using the tool?
  7. Potentially not. Depending on how the authentication is done, it may require someone to input their password to get a token which can then be used to retrieve data.
    SoulPunisher likes this.
  8. The security token would be unique to each user and you have to be logged in already to access it.

    Only applications with your security token can read your rupee history. If you get a new application you give it the token instead of your password, thus the application doesn't get to know a password you probably reuse elsewhere (which is typical end user behaviour) and can't do anything other than read the transactions.

    At the moment having people give their passwords directly to applications like EMC Shopkeeper is a security problem. It's just a matter of time before someone could abuse that...
  9. Square's API is able to handle rupee logs, AFAIK. A public version of it with authentication of both the app and the user being requested would be amazing.
  10. I was actually looking into some improvements to stuff like this the other day.

    Id much rather people generate an API key than give other sites their password.

    Eventually.. It just sucks to keep building more things on top of the forums that will then break when we do upgrade.
  11. *Comes into thread hoping for completed api*

    Mirr0rr likes this.
  12. What are the upgrade plans?
  13. A responsive, mobile site with further plans to upgrade the XenForo software. You might like to check this thread out, it could be something for you
    sambish20 likes this.
  14. plz make rupee history searchable.
  15. Alright, so the front end forum software is going to change to Xenforo.

    Does this mean that the back end rupee history data will have to be reformatted?
  16. We're on XenForo now, it's just really outdated which is what the main upgrades are about
    607 likes this.
  17. The site's currently running something like XenForo 1.0 which is more than three years old. When Justin originally made the site, he hacked into the software a lot, so to upgrade Aikar's essentially going to have to change how the custom portions of the website work. Rupee history and things are stored separately I believe, so they wouldn't be affected by a site update.
  18. Template Updates for the UI would. Templates is the biggest "Hacked up" part of the forums.
  19. Why not just use two versions of the site and go ahead and update? ...we can use the current version until the newer one is touched up and live. Since it's part of the same url and same owner, wouldn't you be able to use your xenforo license to have multiple xenforo sites on your own domain?