Personal API access tokens created for the resource https://lichess.org

Ne_comer

Personal API access tokens created for the resource lichess.org

There was a need to create a token to use the API (playstrategy.org/account/oauth/token). These tokens are created for the resource lichess.org. Can you fix this bug?

statmatt

Hi @Ne_comer
Could you please give more details as to where you are seeing this problem?
What are the steps you are taking and where do you see this?
What type of access are you looking to grant access for?

Ne_comer

Hi @statmatt

I tried to use the API (playstrategy.org/api#tag/Swiss-tournaments) to create a Swiss tournament.

On the page playstrategy.org/api in the Clients block there is a link (Python general API - github.com/rhgrant10/berserk) to a description of using the PYTHON programming language to create tournaments.

To create such tournaments, you can use token authorization, which I mentioned in message #1.

And after creating this token, you can see how the API accesses the resource - lichess.org, but should be playstrategy.org.

Apparently, when creating the token, the lichess.org address is embedded

statmatt

Hi @Ne_comer

Thanks for the additional information. I'm still not sure I'm entirely following what you are saying, although I can't claim to have tried to create a Swiss tournament through the API myself. So this may be my misunderstanding.

The repository github.com/rhgrant10/berserk was created for the Lichess api and hasn't been adapted for PlayStrategy. Therefore you will need to make changes to this repository to make it utilise the playstrategy.org endpoint (I can't say where those changes will need to be made, but I expect it should be possible). I admit it isn't very clear that you need to do this, but we haven't spent much time on the PlayStrategy API in general.

Ne_comer edited

@statmatt

I am sure that all APIs will work if you manage to fix the generation of the TOKEN on the page (playstrategy.org/account/oauth/token/create?). There is a resource lichess.org embedded in the code, and your address playstrategy.org should be when generating the token.

Everything should definitely work, because the address is embedded in the token. The token is an encrypted authorization link on the site.

statmatt

@Ne_comer

I've tried it myself. The tokens being generated aren't tied to a specific domain name.

I was able to do the following:

> curl playstrategy.org/api/swiss/new/XXX --data "clock.limit=180&nbRounds=7&clock.increment=0&clock.delay=0&xGamesChoice.nbGamesPerRound=1" -H "Authorization: Bearer YYY" -X POST

Where XXX is the id of the team name I am created the Swiss for, and YYY is my token I generated.

I used curl in a command line, but the same principle should apply with the requests module in python and likely the github.com/rhgrant10/berserk

I'll admit that the API documentation is out of date for some of the new fields that have been added, and we'll make a note to try and bring this up-to-date at some point but I believe the principle of creating a token on PlayStrategy and using that token to create a Swiss tournament to be working.