Axcid API
Mashup API (early stages) was released publically:
See axcid.org
Posts tagged ‘api’
XMLAPI / Webservice Security for idiots.
Right, well a while back when Axcid was just getting started (with the original API), we thought security was gonna be a big issue(the API is open now).
So I came up with this method of security, in which the only way it could really be cracked was if the string / method used to hash the security string was retrieved from the code of the application.
So basically:
1. Client sends request for ticket (if request is granted, ticket hash is sent)
2. Client hashes ticket with a special key in the application.
3. Ticket is submitted with request, ticket is deleted in the database.
I call this method, common sense.
If you have ever worked with ticket based session systems before, your probably familiar with this idea.
It’s a simple way to make sure YOUR application / client is the only one accessing data.
Making sure a client data matches up with servers. who woulda thought /sarcasm
Back.. Oh and SongBird + Axcid = Greatness!!
Fixed the problem.
Now for the big news:
Integrated Songbird + Axcid search api earlier today. It’s done in JS (using php to proxy for crossdomain shit), and hooks into the Axcid XML API.
Letting you have iTunes store like downloading functionality, free.
http://getsongbird.com/
http://sharingiscaring.us/
(Did I mention songbird works with iPods?)
Writing a social site network.
So I create a lot of internet sites. And I know people that create a lot of internet sites. And I like it this way, I like having 100’s of sites that I visit. But the annoying thing is the globalized login system.
This has actually been in the works for a while, since somewhere near the start of Axcid. It was never fully documented as a login system and got cut out of the latest Axcid API version.
The goal? To create a network of sites. What the plan was?
- Implement a social login system.
- Implement a fully compatible XML login API for it, that also allowed access to some public user data.
- Implement Facebook & Myspace integration applications, aswell as a small social network using the login system.
- Implement an OpenID provider system, allowing you to login on OpenID sites with our details, but not the reverse.
- A global site ‘framework’ allowing for fast creation of new sites, layout generation, site cross-integration and quick ajax frameworks.
So I’d like to hear your thoughts on this idea, as a developer, would you use a freely availible login framework? Would people be open to the idea of a site directory? Would developing this into all products be worthwhile? Leave a comment by going to the full post link or drop me a line @ anon@nati0n.org and tell me your thoughts.