search

mozillascience / PaperBadger

Issuing badges to credit authors for their work on academic papers
https://badges.mozillascience.org/
Mozilla Public License 2.0
95 stars 45 forks source link

Journal submission system integration #160

Open abbycabs opened 8 years ago

abbycabs commented 8 years ago

Update our API to make it easy for journals/publishers to integrate their submission systems with Paper Badger. Currently, publishers fill out a form listing all authors.

jinankjain commented 8 years ago

Hey @acabunoc Could you please elaborate on this? Like currently our api already required authentication like for issue and adding a paper we need auth for that.

What sort of endpoints we want to create for adding a paper?

abbycabs commented 8 years ago

Thanks @jinankjain for the questions, I hope this clarifies things!

We need to add authentication so publishers can securely consume parts of the api (like adding a new paper via POST request instead of a form). The same way we use the ORCID api by providing a key, publishers would do something similar with our app to issues badges on their papers.

jinankjain commented 8 years ago

It is sort of we have implement our Oauth2.0 according to RFC

abbycabs commented 8 years ago

well, I assume a library has implemented this and we can use it, but yes I think so

jinankjain commented 8 years ago

Ok, I will look into libraries.

jinankjain commented 8 years ago

@acabunoc found one library https://github.com/oauthjs/node-oauth2-server

amitkumarj441 commented 8 years ago

Hi @acabunoc ,

Actually, the authorization is processed using multiple predefined URLs, and hence endpoints But Here, we've have 3 endpoints:

  1. Request URL (this endpoint passes the request token)
  2. Access URL (exchanges request token for an access token)
  3. Authorize URL (confirms that the access token is valid)

Do we need to create all these endpoints?

Cheers, Amit Kumar Jaiswal

josmas commented 8 years ago

Bit of research on this issue: We've looked at Stormpath to be able to get this up and running quickly. It's free for up to 10K calls/month, which would be enough for now.

They have an express library, but after a quick experiment, our React front-end is getting in the way of the routes that Stormpath needs to add. They also have a React SDK that uses React Router, but our router is too out of date, so this will need a bit of work. May be a good idea to take care of #201 before attempting this again.

abbycabs commented 8 years ago

Stormpath seems like a good solution if we can get it working!