DSGN 270 Day 5 - Connecting to Social Tools

Housekeeping

Trophy of the Day

  • An API worth hacking for your assignment
  • An authenticated connection to the GitHub API

1. Small World theory of networks

Materials

Key Takeaways

  • As a network grows, the connections between the nodes of that network grow exponentially.
  • People only have the capacity for about 200 social relationships.
  • The more social connections you create, the less you will know those people, on average.
  • People have stronger connections with others of similar interests, which are "connected" to other special interest groups by "people who know everybody".

2. The Dark side of social

Materials

Key Takeaways

  • 5-10% of people can't control how much time they spend on social media.
  • Heavy social media users are worse at multi-tasking than casual users.
  • Phantom Phone Vibration: when you think your phone went off in your pocket when it didn't.
  • 30-40% of face-to-face communication is talking about ourselves but 80% of online communication is self-involved.
  • Studies show that partners tend to like each other more when they first meet online.

3. API Authentication: Tokens vs Keys

Materials

Key Takeaways

  • Authentication vs. Authorization
  • Tokens and keys often look the same and are generated with similar algorithms but the difference is how they are handled.
  • Tokens:
    • identify the user, keys only identify a project or application.
    • cannot be used on the frontend and should never be shared publicly because they identify you (or your client) as a user.
  • Access Tokens
    • similarly identify you but also authorize you to use restricted resources.
  • Keys
    • are for authorization only and are not used to identify the user.
    • can be used on the frontend but are not considered secure, especially if they are passed in the URL as a query parameter (which can't be encrypted).

4. Demo: GitHub API on the server

Materials

Key Takeaways

  • Unauthenticated users can make up to 60 requests per hour.
  • Authenticated users (i.e. using a personal access token) can make 50,000 requests per hour.
  • GH automatically removes personal access tokens that haven't been used in a year.
  • GH highly recommends adding an expiration to your personal access tokens.
  • Because GH uses tokens and not keys, authenticated connections to the API must be made on the server-side.
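
The server-side connection described above, as an added example (not code from the course demo). It assumes Node.js 18+ for the global fetch, an environment variable named GITHUB_TOKEN, and a made-up User-Agent string; the function names are hypothetical.

```javascript
// Server-side only (Node.js 18+): the token is read from the environment and
// never shipped to the browser. GITHUB_TOKEN is an assumed variable name.
const API_ROOT = "https://api.github.com";

function buildGitHubRequest(path, env = process.env) {
  const token = (env.GITHUB_TOKEN || "").trim();
  if (!token) throw new Error("GITHUB_TOKEN is not set");
  const url = new URL(path, API_ROOT);
  // Never send the token anywhere except GitHub's API host.
  if (url.origin !== API_ROOT) throw new Error(`refusing to send token to ${url.origin}`);
  return {
    url: url.href,
    options: {
      headers: {
        Accept: "application/vnd.github+json",
        Authorization: `Bearer ${token}`, // sent as a header, not in the URL
        "User-Agent": "dsgn270-demo", // assumed app name; GitHub requires a User-Agent
      },
    },
  };
}

// GitHub reports the caller's quota in response headers.
function readRateLimit(headers) {
  const num = (name) => Number(headers.get(name));
  return {
    limit: num("x-ratelimit-limit"),
    remaining: num("x-ratelimit-remaining"),
    resetsAt: new Date(num("x-ratelimit-reset") * 1000), // epoch seconds
  };
}

// fetchImpl is injectable so the call can be exercised without network access.
async function getAuthenticatedUser(fetchImpl = fetch, env = process.env) {
  const { url, options } = buildGitHubRequest("/user", env);
  const res = await fetchImpl(url, options);
  if (res.status === 401) throw new Error("GitHub rejected the token (expired or revoked)");
  if (!res.ok) throw new Error(`GitHub API error: HTTP ${res.status}`);
  const { login } = await res.json();
  return { login, rateLimit: readRateLimit(res.headers) };
}

// Constructed sample value so the block runs offline; not a real token.
const demo = buildGitHubRequest("/user", { GITHUB_TOKEN: "example-token-not-real" });
console.log(demo.url, Object.keys(demo.options.headers));
```

Keep the token in an untracked .env file or the host's secret store, and start the server with it exported in the environment.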

5. Treasure hunt: Developer friendly social APIs

Find the developer documentation of a social API (GitHub, Twitter, LinkedIn, etc.) of your choice. For example: search "twitter api documentation", "instagram api nodejs", "github public api", etc.

  • Is there a Getting Started or Getting Connected page for the API?
  • What are the API rate limits?
  • What's the current version of the API?
  • Are there any JavaScript libraries for using the API?
  • Is there a public API available for frontend requests? Does it need to be authenticated?

Based on the tutorials/guides/documentation you find, what's the easiest method of sending a request to the API?