Question: How to curl the lemmy API?
I've seen these posts
But actually I haven't been able to figure out exactly how to get the posts a user has made in lemmy. I've seen this page but I think this is for a different lemmy instance, I'm not sure https://join-lemmy.org/api/interfaces/GetPosts.html
Can anyone point me to a documentation on how to make this?
curl 'https://lemmy.world/api/v3/user?username=egeres&sort=New&page=1&limit=20' | jq .posts
https://join-lemmy.org/api/classes/LemmyHttp.html#getPersonDetails
The documentation is really terrible and the developers try to defend it anyways.
Some instances also employ cloudflare or other anti-ddos techniques that make automated API usage impossible.
Unofficial documentation using OpenAPI is here @egeres@lemmy.world .
Btw, the user interface uses the same API. Just open the web developer tools in your browser and look at the network tab.
Anti Commercial-AI license
This is still written from a javascript perspective and assumes many things that are not true when using other approaches to calling the endpoints.
(Author btw)
Can you expand on this? This was written for Kotlin usage. It automates generating API based on this spec.
I have no idea what you mean with 'using other approaches to calling the endpoints'
Lemmy has only one API. It's same API used for lemmy-ui.
This is just a "better" documentation for it.
The API works for for cloudfare instances too.
There is also a swagger ui variant
https://mv-gh.github.io/lemmy_openapi_spec/swagger_ui.html
This thread sums everything up nicely I think: https://lemmy.ml/post/98675/95459
And for programming.dev specifically, the API did not work for me when they had CF bot protection turned on (endpoints always returned the "Just a moment..." bot check html), it was only after it was turned off a few days ago that it started working for me, because CF doesn't like my IP/browser/something and always gives me endless captcha loops. Previously their stance was that bot IPs had to be explicitly whitelisted to be allowed on their server.
I do not see how critisms for the JS API docs are relevant for my openapi documentation.
This documentation aims to solve all those problems in a language agnostic way. It descibes the endpoints, the request object, the status, the response object, the authentication needed in visual/text. It allows you test it right from the browser, allows you to copy a working curl command, search for endpoints based on keywords, allows you to import the entire spec into postman/alts.
I ve never had any problems with CF instances but I mostly test with voyager.lemmy.ml
Yours is a little bit easier to read, but my main problems remain the same. Here's some initial comments looking at your swagger link from the perspective of a user who is brand new to the lemmy API (and doesn't use Javascript):
I can't tell what the general flow of the API usage in general is. Am I supposed to login/authorize somehow first? Some common examples, especially in at least one programming language (whether that's curl or python or whatever) I think would go a long way to help people understand what they're supposed to do.
How do I know if I need to authorize for a particular endpoint?
What is the entire URL for any given endpoint? It's never really explained clearly.
What is this "servers" dropdown? What's the difference between those?
Endpoint descriptions are often unhelpful.
/user
says "Get the details for a person." It doesn't tell me this is actually how I'm supposed to find their comments or posts. Nothing tells us this.We have to guess what endpoint we might need for a lot of things. Example:
/post/like
is also for dislikes, but it doesn't tell you that. It also never tells you HOW to like or dislike anything, the valid values ofscore
do not appear to be documented. And you're left to assume that's the right field to even use for it.What is the content type of the request supposed to be? JSON is never mentioned anywhere.
What are these named "parameters"? Is that a query parameter? Why does it say "object" and "(query)"? Does this parameter go in the request body instead?
/user
shows a parameter called "GetPersonDetails" except in reality this name is (I guess) supposed to be completely ignored, because no part of the request actually uses the string "GetPersonDetails".Schema is missing for many endpoints, like the request part of
/user
.What are all these fields under "GetPersonDetails"? Are they all required? Only some? It doesn't say anything about it.
Many of the possible error codes are undocumented.
There's probably more but that's the main stuff I think.
This could use indeed some work
openapi spec allows one to specify the authentication, this has not be done already because there is an open issue to include auth in
lemmy-js-client
(I use this to generate the spec) + Need to figure the best approach to convey "elevated" auth endpoints. Endpoints like GetSite where authentication enhances the response.They are actually summaries, they are fine imo. There is an open issue to add the descriptions though.
Yes indeed, things like this should be documented in the description.
This is explicitly mentioned on every request, visually and in the spec.
Query is mentioned when they are query parameters, else it just a request body. This is pretty clear in the text (spec) or visually imo.
GetPersonDetails
is the name of the object if you scroll all the way to the bottom you can inspect it. This more clear in the spec.There is not a single endpoint missing nor its requests.
This could be improved.
Status codes? or the 400 lemmy error? ex:
{ error: "report_reason_required" }
Status codes are the same everywhere, 200/201 or 400 with Lemmy error as response. There is one exception that is 401 that can be thrown for every auth required endpoint where auth fails. But these are standard. Ig this should documented.Now the "LemmyErrorTypes". This could be improved, but it is hard to, not possible to be automated and tedious to add and frequently changes.
Thanks for the feedback.
Confused what you mean. OpenAPI has nothing to do with JS.
Thank you so much!!!
I've found this more understandable.
I've also hacked together a quick thing for spamwaves that were happening last year here.
The purpose of that script is to ban, but there're auth bits that might help you get a grasp on your task.
+1 for lemmy.readme.io, it's much easier to read than a JS lib documentation.
Looks like the best openapi front. I looked into using it, but it didn't seem free. Too bad this one is outdated. Lemmys API has changed quiet a bit since then.
readme.com (aka readme.io) ain't libre, but it has a free plan.
I also think it's a bit on the heavy side, but what isn't these days...
Ah yes, all though I ve never really experienced HTTP days in their full glory
I'll look into using it. If it has a github action or easy way to publish it from cli
Many thanks!! I'm just trying to make a silly script to plot how often I comment on lemmy over time :)
You can see the URL and request body from LemmyHttp class method docs: https://join-lemmy.org/api/classes/LemmyHttp.html#getPosts
I really do not like these docs and find it extremely confusing for anyone not using Javascript. For example that "form" parameter that's on almost everything, doesn't even exist and can't be used when you're using curl, but it doesn't tell you that.