1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53#!/usr/bin/env python3 import json from hashlib import sha256 from urllib.request import Request, urlopen from urllib.parse import urlencode from os import environ def record_participation(email, project_slug): """Record participation for the specified user in the specified project This will appear to succeed, regardless of whether the user is actually a SciStarter user or not. However, in that case this API call is a no-op. It only reports an error if the request is incorrect in some way. If the email address does *not* belong to a SciStarter user, all we've received is an opaque hash value, which preserves the user's privacy; we have no way of reversing the hashing process to discover the email. The project_slug parameter should contain the textual unique identifier of the project. It is easily accesible from the project URL. In the URL https://scistarter.org/airborne-walrus-capture the slug is the string airborne-walrus-capture """ hashed = sha256(email.encode("utf8")).hexdigest() req = Request( method="POST", url="https://scistarter.org/api/participation/hashed/" + project_slug + "?key=" + environ["SCISTARTER_API_KEY"], data=urlencode( { "hashed": hashed, "type": "classification", # other options: 'collection', 'signup' "duration": 31, # Seconds the user spent participating, or an estimate } ).encode("utf8"), ) r = urlopen(req) if r.status != 200: raise Exception(r.status, r.reason) return json.loads(r.read()) if __name__ == "__main__": print(record_participation(input("Email: "), input("Project slug: ")))
Website Security Test