Our Gift to You: 20% off your own designs in Strong & Flexible Plastic through Dec 23, with promo code MY2014 · details
Home » Developers » Shapeways API » Uploading to Developer's Store?
Search Search  
Show: Today's Messages    Show Polls    Message Navigator
Uploading to Developer's Store? [message #71819] Thu, 18 July 2013 19:40 UTC Go to next message
avatar crjjrc  is currently offline crjjrc
Messages: 2
Registered: January 2012
Go to my shop
Junior Member
Hi. I'm poking around the API for a mobile app I'm writing that creates models for its users. I'd like to upload these models and sell them with some markup. I'm thinking that I need to upload to *my* Shapeways account -- not the user's -- and set the markup manually. But I don't see how I can authenticate my own account when the user is running my app. The API example redirects to a URL where the user logs in with her own credentials.

Is markup possible with the API?

Thanks.

- Chris
Re: Uploading to Developer's Store? [message #71822 is a reply to message #71819 ] Thu, 18 July 2013 20:30 UTC Go to previous messageGo to next message
avatar crjjrc  is currently offline crjjrc
Messages: 2
Registered: January 2012
Go to my shop
Junior Member
I see now that I can log in once myself and steal the token and secret from my login. These can be used in my app. And tokens never expire? Is it customary to operate this way? Is there a way through the API or web interface for me to revoke the token later if I need to?

Thanks.

- Chris
Re: Uploading to Developer's Store? [message #72651 is a reply to message #71822 ] Mon, 05 August 2013 13:40 UTC Go to previous messageGo to next message
avatar ProfessorBeekums  is currently offline ProfessorBeekums
Messages: 35
Registered: February 2013
Go to my shop
Member
I work here
Hi Chris,

Tokens do not expire at the moment. Allowing their expiration is something we're planning on doing in the future, but I do not have a specific ETA for that.

-Beekey
Re: Uploading to Developer's Store? [message #72942 is a reply to message #71822 ] Mon, 12 August 2013 05:01 UTC Go to previous message
avatar mmorrisdev  is currently offline mmorrisdev
Messages: 1
Registered: November 2012
Go to my shop
Junior Member
The very best approach for this would be to have your app send its data to a web service you run, then have the web service transmit to Shapeways, so only your web server has the login info. That way you can have your own analytics etc, and if API endpoint URLs change you can easily change just one thing on your server.

An "in between" approach would be to have your app get the login credentials and API endpoint URLs from your server only when needed, then use that to log in to your store and upload, then logout. So if anything unpleasant occurs, you can shut down all the downloaded apps pretty quickly, and you still only need to change just one thing on your server.

This is some pretty lightweight PHP to do and myriad cheap web hosting companies provide PHP support for your site.

I highly recommend NOT baking your tokens into a downloadable app, you will sleep much better at night.

[Updated on: Mon, 12 August 2013 05:02 UTC]


 
   
Previous Topic:Getting verifier_invalid in my response when I try and get my access token
Next Topic:Exception : Invalid auth/bad request (got a 500, expected HTTP/1.1 20X or a redi rect)

Logo

Hello.

We're sorry to inform you that we no longer support this browser and can't confirm that everything will work as expected. For the best Shapeways experience, please use one of the following browsers:

Click anywhere outside this window to continue.