Identify a user posted a comment

[mehdi ait oufkir]

Hello,

I'm building a JS widget which would allow to identify when a user
posted a comment. For now, let say it would just do an
"alert("congrats")".

Right now, the way I think I am going to do is:

1/ have the widget make JS API call to get the id of the post:
http://api.typepad.com/blogs/6a014e86bc2a40970d014e86bc2a7b970d/post-assets/@by-filename/2011:03:first-blog-post-eva.js?callback=my_callback
2/ then have the widget make JS API call to see there is a new
comment : http://api.typepad.com/assets/6a014e86bc2a40970d0147e33c4305970b/comments.js?callback=my_callback2
3/ then if there is a new comment, find out if the current user
actually posted it.


The challenge I have right now is that I can't seem to figure out the
ID of the user currently visiting the page. I tried to play with the /
user end point but I can't retrieve it.

Also I'm not really happy with this general solution because, I need
to run the 1/ 2/ 3/ in loop in order to find if somebody made a
comment since there is no page refresh the user just left a comment.
Let me know if anybody can think of a better solution.

[Martin Atkins]

On 04/06/2011 10:24 AM, mehdi ait oufkir wrote:
> Hello,
>
> I'm building a JS widget which would allow to identify when a user
> posted a comment. For now, let say it would just do an
> "alert("congrats")".
>
> Right now, the way I think I am going to do is:
>
> 1/ have the widget make JS API call to get the id of the post:
> http://api.typepad.com/blogs/6a014e86bc2a40970d014e86bc2a7b970d/post-assets/@by-filename/2011:03:first-blog-post-eva.js?callback=my_callback
> 2/ then have the widget make JS API call to see there is a new
> comment : http://api.typepad.com/assets/6a014e86bc2a40970d0147e33c4305970b/comments.js?callback=my_callback2
> 3/ then if there is a new comment, find out if the current user
> actually posted it.
>
>
> The challenge I have right now is that I can't seem to figure out the
> ID of the user currently visiting the page. I tried to play with the /
> user end point but I can't retrieve it.
>

Unfortunately to protect user privacy and to avoid potential cross-site
scripting attacks the JSON-P endpoints you're using have no concept of
"the current user". In order to handle user logins it is necessary to
implement some server-side logic to perform an OAuth transaction.

The OAuth flow will include a step where the user is asked to grant your
application access to his or her account, after which it is possible to
identify the user using some combination of the techniques described on
this page:
http://www.typepad.com/services/apidocs/authentication

Regrettably we do not have a solution that's available to purely
client-side applications at this time. Applications running entirely in
the browser, such as widgets, may only access public data that does not
require user authentication.