NEED HELP Emlalock API scripting manipulation

Discussion in 'Online chastity and self locking' started by PupGizmo, Jul 13, 2020.

  1. PupGizmo
    Offline

    PupGizmo DramaLlama

    Joined:
    Jul 22, 2018
    Messages:
    17
    Likes Received:
    17
    Trophy Points:
    3
    Gender:
    Male
    Occupation:
    IT
    Location: (Country, Region - and perhaps even City?):
    Mi, USA
    Local Time:
    2:57 PM
    Hello there all~

    So, short version here.....
    I've created a powershell script that, in theory, should make manipulating the emlalock api a breeze.

    My ultimate goal is to make this a .exe application for the community, with a gui and bells and whistles to boot.
    I get to learn a lot about powershell, the community gets a new tool, win win in my book.

    This makes WOF spins a lot more high-stakes and with some new bells and whistles, because you can make text on the wheel "add 1-5 requirements" and then just pop open the script, and "bam" the script handles a random number generation, creates the api link, pops open the default browser - everything's automated. super duper quick and powerful.



    Heck, guess that isn't very short.

    The problem, is, for the life of me, I CANNOT get the link format found at
    https://apidoc.emlalock.com/ here to work. I know I could get it to work like 12 months ago but.

    As an example, I can't get https://www.emlalock.com/add?userid=8pyljffgpy2zi6t&apikey=rnmwx07410&value=14400 to actually add 14400 seconds to the timer. I just get a 404 "NGINX"

    Also yes I realize there's an api key there - yes, it's a dummy session, on a dummy account.


    I'm hoping I'm missing something basic, but at this point, I'm just scratching my head and spinning tires.
    Any help would be greatly appreciated.
     
  2. TheRealAdam
    Offline

    TheRealAdam Long term member

    Joined:
    Sep 29, 2019
    Messages:
    155
    Likes Received:
    249
    Trophy Points:
    53
    Gender:
    Male
    Occupation:
    Software engineer + First aid instructor
    Local Time:
    7:57 PM
    Are you sure the key and or userid is still valid?

    The documentation is a bit short, but that is often the case. Maybe you can contact them for help.
     
  3. Juan.
    Offline

    Juan. Long term member

    Joined:
    Apr 8, 2018
    Messages:
    206
    Likes Received:
    127
    Trophy Points:
    53
    Gender:
    Male
    Occupation:
    Computer engineer
    Location: (Country, Region - and perhaps even City?):
    Spain
    Local Time:
    7:57 PM
    It is the data real or fake? To try my self
     
  4. Juan.
    Offline

    Juan. Long term member

    Joined:
    Apr 8, 2018
    Messages:
    206
    Likes Received:
    127
    Trophy Points:
    53
    Gender:
    Male
    Occupation:
    Computer engineer
    Location: (Country, Region - and perhaps even City?):
    Spain
    Local Time:
    7:57 PM
    But looking at the api i dont expect much, it may be broken, for example the add function dont use / while info does, that kind of inconsistency it is not a good sight

    https://www.emlalock.com/add?userid=USERID&apikey=APIKEY&value=VALUE
    https://www.emlalock.com/info/?userid=USERID&apikey=APIKEY
     
  5. maid julie
    Offline

    maid julie Long term member

    Joined:
    Feb 11, 2015
    Messages:
    1,569
    Likes Received:
    1,238
    Trophy Points:
    143
    Gender:
    Male
    Occupation:
    service tech
    Location: (Country, Region - and perhaps even City?):
    NJ
    Local Time:
    2:57 PM
    Where do you find your api
     
  6. PupGizmo
    Offline

    PupGizmo DramaLlama

    Joined:
    Jul 22, 2018
    Messages:
    17
    Likes Received:
    17
    Trophy Points:
    3
    Gender:
    Male
    Occupation:
    IT
    Location: (Country, Region - and perhaps even City?):
    Mi, USA
    Local Time:
    2:57 PM
    Hi all!
    To answer from shortest to longest response:

    @TheRealAdam The last dev update on the blog or the wiki was in 2018 and there's no link to reach out the dev. I could reach out but it does seem like there's no active development on the site. :\

    @maid julie you find the api information in settings (it's the gear icon at the top of the emlalock page) and then in the "api" tab next to personal and emlalock. The link above is the existing documentation for the api, though, as cited here - atm it needs some troubleshooting.

    @Juan. Wow, you did find those syntax errors! I haven't yet had success getting something to go through, and I'm wondering if the api is really more broken then when I last messed with this about 12 months ago. Or maybe some things work and some things don't..... I'll keep fussing with it.

    THANK YOU.

    I did try refreshing the api key on the dummy account with the live session, and updating the link with the new api key. Sadly, this has not brought about a fast fix. I am undeterred though.

    I've seen folks wanting to build a new website, which I can certainly appreciate the desire for. But I think emlalock already shows off how much work that is for a volunteer, hobby project. I'd rather take the existing api, in whatever state it's in, and work on making a simple tool to work in tandem to what exists. And, frankly, I don't have the skills to build a whole website, or the time to do project management, or the desire to hold volunteer feets to the fire to get a project done.
     
  7. PupGizmo
    Offline

    PupGizmo DramaLlama

    Joined:
    Jul 22, 2018
    Messages:
    17
    Likes Received:
    17
    Trophy Points:
    3
    Gender:
    Male
    Occupation:
    IT
    Location: (Country, Region - and perhaps even City?):
    Mi, USA
    Local Time:
    2:57 PM
    That said, looking at how old the documentation is, and how little work has gone to the site (at least that's published)
    And I have to make a PSA about uploading a photo of your lock and trusting the emlalock servers to be up when your session is done....
    y'all, keep a backup. Destroys the illusion sure but, keep the backup, lol.
     
  8. maid julie
    Offline

    maid julie Long term member

    Joined:
    Feb 11, 2015
    Messages:
    1,569
    Likes Received:
    1,238
    Trophy Points:
    143
    Gender:
    Male
    Occupation:
    service tech
    Location: (Country, Region - and perhaps even City?):
    NJ
    Local Time:
    2:57 PM
    Thanks I found it no clue as to what I can do with it but now know what people are talking about
     
  9. TheRealAdam
    Offline

    TheRealAdam Long term member

    Joined:
    Sep 29, 2019
    Messages:
    155
    Likes Received:
    249
    Trophy Points:
    53
    Gender:
    Male
    Occupation:
    Software engineer + First aid instructor
    Local Time:
    7:57 PM
    I have the same experience with commercial sites (for my job). Documentation is outdated, is missing parts or is plain wrong. Or the implementation is different.
    It makes our work interesting.
     
  10. Juan.
    Offline

    Juan. Long term member

    Joined:
    Apr 8, 2018
    Messages:
    206
    Likes Received:
    127
    Trophy Points:
    53
    Gender:
    Male
    Occupation:
    Computer engineer
    Location: (Country, Region - and perhaps even City?):
    Spain
    Local Time:
    7:57 PM
    I tried at home with the data you provided and using on the info call as it is dont need anything else that an existing user, the answer is a generic 404 error so the API is broken

    The lib which i use to try it is a self made one that i use for API and Web Stuff, you get the headers of the response or even include some other headers to send

    At this point your only option it is to use the calls that the web uses as i guess the site will use more or less similar calls, today is easy doned, you press F12 to enter in the developer mode, go to network, clear all the stuff there and press the button, that call that you can see in the get/post method it is the one it is used

    And if you take my suggestion never use an API if you can avoid, APIs changes much more than webs structure so in the long run it will require more effort and in many cases you get less as usually they are not as complete as the human interface you get via normal use, i learned this lesson long ago the hard way, that's why i have my own library which usually fakes what a person would do instead of using the "proper" way
     
  11. trenck
    Offline

    trenck Active member

    Joined:
    Dec 21, 2019
    Messages:
    113
    Likes Received:
    55
    Trophy Points:
    28
    Gender:
    Male
    Local Time:
    7:57 PM
    It should normally be the other way round, as an API has a specification while web pages aren't specified to stay the same. E.g. the Openstreetmap API has complied to its specification since project start, and the lastest API version has stayed the same for 11 years, while there were some changes in the website structure.

    But Emalock is owned by someone who just doesn't care if it works as long as most users don't notice and still donate for the site.

    I was told that he is now building up a gamer community on Discord (a site operated by criminals and targeted at teenage gamers) and there is supposed to be a "discord bot with its own API", for which no specifications are known.

    On the positive side, the removal of the classical API is better than continuing it with its horrible bugs. One of those bugs enabled the lockee to finish the session at any time by decreasing its maximum duration. That was the reason why I left Emlalock for good and moved over to thechaste.com. Now that the API is gone, that bug exploit is gone too, and real sessions become possible. I might be tempted to start a session there again, out of curiosity.

    That said, there are dozens of serious bugs left even without the API.
     
  12. Juan.
    Offline

    Juan. Long term member

    Joined:
    Apr 8, 2018
    Messages:
    206
    Likes Received:
    127
    Trophy Points:
    53
    Gender:
    Male
    Occupation:
    Computer engineer
    Location: (Country, Region - and perhaps even City?):
    Spain
    Local Time:
    7:57 PM
    It should but it is not what happens, Amazon for example do this all the time, they re do their API again an again, well, they launch a new version so you can still use the one you are using and get some time to upgrade to the new, Twitch for example has had 5 or 6 APIs and it is a streaming page with an API not very complex. Amazon policy it is to only maintain 2 versions at the same time, so if you use version 4 and they launch version 6 the api will stop working soon

    Being a solo developer like Emalock or a bigger company it is the same, API are a mess, it is rare that they are taked care and being well documented and updated, after all cost money or time to have a good API, in many cases the API it is just to have it as many other things like social media that are never used, they exist simply because it was part of the client requiriments, only for the power point like other words like cloud, agile, new technology,.... That´s why API sucks, they are an obligation that offers no value to the client more than say on their web that they are serious and have and API, they dont really care at all and of course, they want the projecto to cost at less as posible

    A tiny secret, my clients pay for me around 80-100€/hour, i only get 8 so as you can imagine having a developer like me spending 100 extra hours on the API is a no no, imagine what happens on other countries less cheaper that Spain, much more cost, in the end it is a money issue, even if i work for the client it is still a cost, the 100 hours could be spended on something more important as it is usually the case. 100 hours only gets a mediocre API, something professional and nice will need at least 1000

    That's why my suggestion and my experience is to try to avoid APIs if you can. And not only for being able to use tomorrow, in most of the cases using an API is like putting a chain around your neck, the API key are for tracking as usually you are limited of how many things per hour/day you can do, do you want more? Pay extra, that dont happen on a regular html page
     
  13. Disciplined Boyfriend
    Online

    Joined:
    Jan 23, 2014
    Messages:
    1,603
    Likes Received:
    3,144
    Trophy Points:
    143
    Gender:
    Male
    Location: (Country, Region - and perhaps even City?):
    NE Scotland
    Home Page:
    Local Time:
    6:57 PM
    The response is 404 which is not found and shouldn't refer to any invalid parameters which are documented as 400.

    The other thing of note is that this is documented as a GET, my thoughts are this should be a POST since it is changing data, not just reading it. That would definitely give a 404 - not found by using the wrong HTTP verb

    Have you tried it in Postman (or similar)?
     
  14. trenck
    Offline

    trenck Active member

    Joined:
    Dec 21, 2019
    Messages:
    113
    Likes Received:
    55
    Trophy Points:
    28
    Gender:
    Male
    Local Time:
    7:57 PM
    @juan: I agree that an API is a pain in the ass the functions are re-implemented for it and then exist twice. Redundant implementions are hard to maintain and a breeding ground for bugs. That's why my suggested design for a new site is based on all backend functions being implemented by the API only.

    The Emlalock API, however, comprised such a tiny set of functions that it remained easy to maintain despite the redundancy. The known bugs could have been fixed within a few minutes. You can't blame the concept of APIs when a developer refuses to take a minute to fix a bug. That's like blaming the concept of surgery when a surgeon leaves the operation halfway to watch a football match on TV.

    @D.B.: The difference between GET and POST isn't about changing the data, but about how the parameters are transmitted. GET has all the parameters in the URL, which doesn't allow for transmitting files, but apart from that you could transmit the whole bible in your query string. You don't even need CGI parameters at all to change data on the server. Let's say, you have a script create_everything.php and a script delete_everything.php. They obviously change data without requiring a parameter.
     
  15. Disciplined Boyfriend
    Online

    Joined:
    Jan 23, 2014
    Messages:
    1,603
    Likes Received:
    3,144
    Trophy Points:
    143
    Gender:
    Male
    Location: (Country, Region - and perhaps even City?):
    NE Scotland
    Home Page:
    Local Time:
    6:57 PM
    Using a Get when Post is or vice-versa usually returns a 404, or a 403 if the server returns 404 doesn't matter about the query parameters of the form
     
  16. trenck
    Offline

    trenck Active member

    Joined:
    Dec 21, 2019
    Messages:
    113
    Likes Received:
    55
    Trophy Points:
    28
    Gender:
    Male
    Local Time:
    7:57 PM
    That's plain wrong. The correct status code for that case is 405 "Method Not Allowed".
    CGI scripts usually don't check whether it's GET or POST, because they get their parameters either way.
     
  17. Disciplined Boyfriend
    Online

    Joined:
    Jan 23, 2014
    Messages:
    1,603
    Likes Received:
    3,144
    Trophy Points:
    143
    Gender:
    Male
    Location: (Country, Region - and perhaps even City?):
    NE Scotland
    Home Page:
    Local Time:
    6:57 PM
    sorry. Yes that should read 404 or 405. And a lot of modern REST services DO check and care and that why I suggested to change the verb.
    ASP. NET in particular will return a 404 for wrong verb for a controller action, 405 for a API controller and quietly return a 200 OK if it can't find an action with correct parameters
     
  18. trenck
    Offline

    trenck Active member

    Joined:
    Dec 21, 2019
    Messages:
    113
    Likes Received:
    55
    Trophy Points:
    28
    Gender:
    Male
    Local Time:
    7:57 PM
    We can lough at Microsoft products and their users all day, but Emlalock runs on linux, as does Chastity Mansion.
     
  19. Disciplined Boyfriend
    Online

    Joined:
    Jan 23, 2014
    Messages:
    1,603
    Likes Received:
    3,144
    Trophy Points:
    143
    Gender:
    Male
    Location: (Country, Region - and perhaps even City?):
    NE Scotland
    Home Page:
    Local Time:
    6:57 PM
    And how is that helpful in getting the OP's cry of help in getting an API call to work?

    The argument between *nix's and Windoze has been dragging on for decades now, and I'm bored with the arguments on both sides. I've written systems without either of them that have never been restarted in over 20 years except when power was lost.

    FWIW, ASP.NET Core will quite happily run on Linix with Nginx as a load balancer
     
  20. Juan.
    Offline

    Juan. Long term member

    Joined:
    Apr 8, 2018
    Messages:
    206
    Likes Received:
    127
    Trophy Points:
    53
    Gender:
    Male
    Occupation:
    Computer engineer
    Location: (Country, Region - and perhaps even City?):
    Spain
    Local Time:
    7:57 PM
    As a developer there are a tons of reasons why anyone cant fix or touch things, because i dont know if it is pure laziness or a serious matter i will always stick with the second part, if it is really easy and it is not done it is for something

    And implementing a REST/API/ Whatever you want to call it is not perfect, the industry dont use that aproach very often because it is worst, it only work if you really nailed the API at the first try and will only keep working if nothing changes, if you want to improve or add something maybe you will have a hell on yours hands
     
  21. trenck
    Offline

    trenck Active member

    Joined:
    Dec 21, 2019
    Messages:
    113
    Likes Received:
    55
    Trophy Points:
    28
    Gender:
    Male
    Local Time:
    7:57 PM
    It is helpful because it gives the thread starter the information that the GET vs. POST issue that you mentioned can't be the cause for his problems.

    It's obvious that he can't get the API call to work when it is gone on the server side. The only way to get it to work is to contact the admin, who, however, is known to ignore all messages sent to him via the contact page on the website.

    The best advice we can give to PupGizmo is to stop wasting his time with Emlalock and to support building up a new site instead that will be based upon open source software.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice