Module rawr::auth
[−]
[src]
Whenever you create a RedditClient, you need to provide an Authenticator that can
log in for you and send credentials with every request. Reddit's API provides multiple
ways to authenticate, and it's important that you use the correct one for your application
so that you only take passwords where necessary.
OAuth Or Not?
In effect, Reddit's API is split into two parts: a deprecated API that uses cookies for authentication, and an OAuth API that is recommended for new applications. Clients that use OAuth-based authenticators have a higher rate limit (60/min for OAuth, 30/min for cookie), so it may be preferable to use OAuth if larger batches of data are being processed from the API.
Authenticator Summary
AnonymousAuthenticator- uses the legacy API (so it has a lower rate limit) but requires no credentials at all. Choose this if you just want to browse the API without registering.PasswordAuthenticator- uses the OAuth API (so higher rate limits), but requires a registered account and registration on the 'apps' page (see below). Choose this for bots or scripts that use lots of data.
TODO: Add authenticators for the other flows and document them.
Registering Your App (for OAuth-based authenticators)
Note: this does not apply to AnonymousAuthenticator.
In order to register to use OAuth, you need to login on your bot account and create an 'app'. All you have to do is:
- Go to your app preferences
- Click 'create app' (or 'create another app', if you've already created one)
- Enter a name for your bot.
- Leave the description and about URL blank (unless you want to fill these in!)
- Choose the correct app type. If you want to use
PasswordAuthenticator, choose script. - Set the redirect URL to 'http://www.example.com/rawr' - this will not be used.
- Click 'create app'.
You'll probably be able to see something like this now. If so, you've successfully created your app. Don't close it yet, because we need to get some 'secrets' from that page.
OAuth Secrets
In addition to your username and password, PasswordAuthenticator requires a client ID and
client secret token. The only way to get this is by registering an app. If you've followed
the steps above, you're already in the right place to follow the next steps.
On this page, the client ID is the random string below 'personal use script' and the client secret is the underlined string. Store both of these somewhere safe, and treat the client secret like a password - it must not be shared with anyone!
You're now ready to create a PasswordAuthenticator. Ensure you provide all parameters in the
correct order:
PasswordAuthenticator::new(CLIENT_ID, CLIENT_SECRET, USERNAME, PASSWORD);
Structs
| AnonymousAuthenticator |
An anonymous login authenticator. |
| PasswordAuthenticator |
Authenticates using a username and password with OAuth. See the module-level documentation for usage. |
Traits
| Authenticator |
Trait for any method of authenticating with the Reddit API. |