Closed Coderbora closed 3 years ago
feels like an oversight as I'm sure most people assume restricted users can't authenticate like that... if not, there should also be clear documentation in the authentication and /me
sections
feels like an oversight as I'm sure most people assume restricted users can't authenticate like that... if not, there should also be clear documentation in the authentication and
/me
sections
For me that was like it too; especially at my first sight about restricted users logged in with OAuth, I was shocked. Then, I searched about it on API v2 docs and found the is_restricted
attribute on User object with the description of:
In addition, following attributes are always included:
But I saw that's not the reality when trying to access the /api/v2/me
scope, although didn't try it on the /api/v2/users/:user
. Also, I found some references about the is_restricted
attribute on this repository but don't think they are actually on the return side of functions.
Also, I am sure that tournaments will need to check if the user is restricted or not for more accurate results on registrations, and reducing the load on the screening team.
Keep in mind that if you need an up to date status of the user at some point in the future, you'll still need to query /api/v2/users/:user
to see if the user is present or not.
Also, I am sure that tournaments will need to check if the user is restricted or not for more accurate results on registrations, and reducing the load on the screening team.
Keep in mind that if you need an up to date status of the user at some point in the future, you'll still need to query
/api/v2/users/:user
to see if the user is present or not.
We are running a refresh task that updates each user's details with a query on /api/v2/me
for every midnight to keep up-to-date daily, so I think that should do it.
Hello.
As the title mentions, this issue is about the /api/v2/me endpoint does not show is the user is restricted or not. Day by day, the API v2 usage is increasing; especially for tournaments with OAuth login. The issue is that restricted users can also use OAuth with their osu! account and that leads to problems on systems which has integration with osu! OAuth login.
For instance, we are using osu! API v2 for the Turkish community in osu! - helping link their osu! and Discord account to enter the community Discord server for now, and also planned to extend with tournaments, news, and events sections which make everything about the community organized and easy to reach. However, we do not want restricted users to get authenticated on the system, so we need to check if they are restricted or not on callback. If we try using the
/api/v2/me
scope, which we already use to gather information about users, we cannot reach information about restriction detail. As a solution, we can try using the/api/v2/users/:user
endpoint but in this way, we are actually sending more requests to osu! and also now need to request public scope too to use that endpoint.Also, I am sure that tournaments will need to check if the user is restricted or not for more accurate results on registrations, and reducing the load on the screening team.