I am building a SMALL subscription-based educational video site (openly accessible examples of similar technical implementations would include RailsCasts Pro, Egghead.io Pro, Codeschool.com, etc.) where users pay to get access to a certain array of videos.
Obviously, I don't want to spend time on reinventing the video hosting wheel, so I would like to use a hosted solution for that.
Now, googling "hosted video access control" or anything like that hasn't yielded any meaningful results, since it seems to be the wrong search phrase - this has less to do with access control and more with restricting video access based on some from of authentication & authorization. My guess this would be in practice implemented by some token system.
I'm having trouble of knowing where to start.
My questions are:
1) What is the de facto way of doing access control to videos on these subscription video sites?
2) Are these providers doing it from scratch; is there a provider that has a easy to setup, simple and affordable solution for this; or is there a set of tools that you can use to build the system?
3) Are some of the major video hosting providers such as YouTube, Vimeo, etc. usable for this kind of a use case, perhaps using some 3rd party solutions to handle the access control part?
Thank you!
Although not a definitive answer, the best thing so far I've found is Wistia (http://wistia.com/product). And Udemy (http://udemy.com) is a more controlled learning video / online course environment.
Related
I have an application with (nuxt js using nuxt-auth) with local authentication so far (later I want to add git and google auth).
Now I need to add authentication to invoke other services / API (like google cloud rest API, payment system, youtube API, etc...)
The question is: the user is authenticated only once (during login to the application.) but each of these 3rd party APIs has its own authentication.
How to implement multiple authentications. (I read the documentation and google for the entire day but there is no clear answer).
As of today, it looks like it is not doable (people are needed on this module): https://github.com/nuxt-community/auth-module/issues/889
So, you would need to make it manually by plugging the APIs yourself.
Answer to your latest question~comment
Nuxt is indeed nice with some of it's modules (but you can totally dislike it, no problem :D).
First thing that you need to know, is that this project (nuxt-auth) is not the biggest one, #pooya is doing his best but he is on a lot of projects, so he cannot give all of his love to it. Then, you also need to understand that it's working great but it's still in a decent beta state with a lot of missing features, needed documentation and a lot of small things to make it an all rounded solid top notch solution.
That do not mean that you should not use it, I'm just saying that this module do have some limitations. Hence, the fact that it is not supporting a whole lot of OAuth solutions in a clear + simple + flexible way. And some breaking changes may be introduced in future updates.
The module is aimed towards having an OAuth solution to block the content of your website behind it (in my opinion). It means that you will usually use a single login solution and then, being able to have access to your app. I don't think that it's a viable multi-OAuth solution (yet).
Some services don't even need to use a solution like this. Stripe for example, should not be handled on the frontend but communicate with a backend for sensitive variables and just send minimal info thanks to Stripe Elements.
That said, the most common solution is JWT or OAuth2, and you could totally have a backend service or service like Okta, Auth0 or alike, do the heavy lifting by allowing simple logins to providers (Github, Google etc...).
To sum up, you do connect to this backend/service thanks to nuxt-auth, the service itself does the provider connection and you get the best of both worlds while still connected in a secure way through your initial nuxt-auth entry point login.
Or you could try to reach the community on Discord, see if somebody knows how to do it. Or even try to read the source code to see if it is currently feasable.
And that's my 2cts.
Anyone having trouble building API's with the new Kimono Desktop app. When I click create API the browser just stays on create API screen loading but nothing happens.
I even tried building an API that is the same as one I built when Kimono was still in business and no luck.
My existing api's still run and pull data fine.
Working just fine here.
Just a shot in the blue...did you install the new extension specifically for the desktop app? The old one can't work anymore since Kimono disabled the online service.
You can't build new APIs I think - only existing ones. :( Said something like it was not the acquiring company's policy to provide this publiclu available service but since they did not know how many businesses depended on their APIs they decided to allow existing APis to run.
You can also use their software for replace the online API. But it's an abandonware.
It's working great but on some website I can create new API because of an error.
I just find a possible (free) product that can replace Kimono : Datascraping.co.
They will include an REST FULL API within few days / weeks, as they said here.
It's a good software, but comparing to Kimono Desktop it's a little much more complicated.
Kimono got bought out and it's not working anymore.
Import.io is good but it kinda expensive for me. I've tried the free trial before but see the price starts from $249, so... https://www.import.io/standard-plans/
I don't have any progamming skills so I know very little about some web scraping frameworks like Scrapy.
You may want to look at this new web scraping software called Octoparse.
In case you want to know, here is the link:http://www.octoparse.com/
It takes a little time to begin. But they have rich tutorials on the website. Plus it doesn't require programming skills.
They provide cloud-based scraping service and API access.
You can use it to create API but you have to pay for the service. Free version doesn't have the API and cloud service.
I've been using it for 2 month with the Standard plan $89, which a lot cheaper than import.io. So far so good.
Hope it would be helpful for you.
Twitter offers 'web intents' that are an alternative to OAuth access to their API. Basically, this provides a less feature rich experience, but can still be quite handy. User clicks on 3rd parts websites can create popup windows that check whether the user is logged in to twitter and if they are, allows them to us some Twitter features such as tweeting, retweeting, or following users.
My question is, how could I go about implementing an API like this? Are there tutorials or libraries? I'm not sure what technologie(s) power web intents or where I should start searching.
Thanks.
You can read more about web intents at webintents.org and read the W3C's draft spec. As far as I know, web intents are still somewhat of a new beast on the web and they have not been standardized.
Still, you may want to read this blog which contains a few examples of registering web intents and check out Paul Kinlan's git repo https://github.com/PaulKinlan/WebIntents
Hope that helps you get started.
I want to make an app where the users can post messages that will be displayed on a website. The users would need to create a username and password to be able to post.
The app would be like a twitter, but only be able to post through the app and read the last few posts and not be able to write private messages.
The website would function like a huge cloud of thoughts where everyone could go and read what others have written. Once the post hit the cloud, they can't be deleted. Only me could delete posts.
All posts would have different color and font size, it would look like a huge tag cloud on the website.
How do I make an app and a website like this?
David H
The tutorial application for Google Application Engine is an unstyled version of what you describe. They'll even host it for you for free (up to a non-trivial level of usage).
The tag cloud creation is not so very hard but without knowing your preferred language it is hard to point you to helpful libraries (there are plenty out there).
Getting people to use it will be the hard part.
added in response to comment:
Good luck on your endeavor. I would be surprised if you weren't able to learn everything you need to know and have a working web app by the time school starts. I found a simple stand alone web cloud creation library that explains what it does and will run on GAE. So now even that part is in place for you.
I'm tempted to make some pathetic reference to the sorts of computing that I did prior to high school, but I expect that you probably have SD data cards have more computational power than I had available to me. Kids these days! ;)
My understanding is that Google Analytics (the tool I'd normally use for website analytics) cannot be used on a MySpace page, because MySpace doesn't allow you to embed javascript.
But my client wants to track usage of her MySpace page.
Has anyone found away around this? I'm looking for a different web-based, third-party analytics toolset, I guess. One that doesn't depend on javascript, is at least close to as feature-rich as Google Analytics, and is preferably cheap (or free!).
(I picture a 1x1 image-based solution.)
StatCounter is a pretty good alternative to Google Analytics that provides an image-based tracking tool for this sort of situation. It does only keep track of the last 500 requests for the free plan, however.
You also have to understand that the only way to do this without Javascript (the image based approach) will not be able to collect nearly as much data as the Javascript-based tracking tools.
AwStats is a server-side that processes based on your server logs.
GetClicky uses an image and/or a script to track visitors.