Vex Forum Phone App


#1

I just have a request.
Because of how busy I normally am, I normally find it quite hard to find myself with the free time to check the vex forums on an actual computer. I often just check it on my web browser on my phone but I feel that, although it’s “okay” but not great. An actual android and iOS app for the vex forums would be great. It would allow a much cleaner environment for keeping up to date on the forums.

App Ideas:
-Dark mode ( like the suggestion for dark mode in robot c brought up by @Unionjackjz1 ) to allow for late night searches

-Almost like a Reddit feel to its looks but simpler, making it clean and colorful

-Quick response by pressing and holding on a name like Instagram’s tag feature

The list can go on.
Let me know if you guys would want this to happen and how we should get it made

Chady


#2

I agree here completely

An app would be great. Going to Reddit, I rarely use reddit on a computer. I only use it on my phone because it is easier to use. I would be on the forums a lot more if there was an app, just like with Reddit.

@phantom64030X Isn’t it possible to make an app without VEX? Like Alien Blue wasn’t an official reddit app (I don’t think so at least) and it worked just like reddit.

Phantom, if it is possible, message me on Discord. We will have some work to do :wink:

~Jack

(And yes, I prefer Alien Blue over reddit still. The full screen makes the difference)


#3

I’d be down to design the UI for this, if any of you wanna program this, HMU!


#4

Vex pls hire me to make dis app. You’ll probably spend like $30,000 if you actually get a team or whatever but ill do it rn for 100 lol. @Andrew Chang Yes you can design the UI and I’ll program it.
One problem, I can only do iOS. If anyone else knows how to do it for Android we should totally team up.
But vex we need access to the back end pls I’ll do it for free.


#5

This forum runs on esoTalk (look in the bottom left hand corner here to see this is run on esoTalk). It appears esoTalk is being phased out and the successor is Flarum. But Flarum is still in beta.

http://esotalk.org/

http://flarum.org/

Flarum has a different UI and is mobile enabled. It also has API built in so if you wanted to go and make a mobile app you could. Some people are trying with ionic to do just that. But it appears to be a high hurdle.


#6

Is VEXforum going to upgrade to flarum?

@Karthik @DRow


#7

The html of vex forum is quite simple and easily parseable, it wouldn’t be very difficult to convert the HTML to a data object of some kind


#8

I dont think so Andrew. They only upgraded to eso like what? A year ago? But it really would be nice. The one thing I really hate about this forum is the search. It’s sooo bad.


#9

@MayorMonty You dont want to use a web scraper
There will be like a 5 minute delay to post something
And even then that type of traffic isnt easy to handle with like 30 people
No one would want to host that
Would be easier if I just used POST


#10

For me, posts are reflected on the forum instantly, you could just embed the HTML parser inside the app. And of course, you would use POST wherever it was needed (posting, logging in). Speaking of logging in, it would be unsafe to store the username and password on the device, but without a central API, doing anything else would be impossible.


#11

Not really. Ever heard hashing with salt?


#12

Yes, once Flarum releases a stable version, the VEX Forum will migrate to that.


#13

Once you hash it, you cannot unhash (that’s the whole point!), and since your browser cookie is going to expire eventually (in 30 days, I think), and the user would have to reenter their username and password, negating the need to store the hash in the first place


#14

You don’t store the password on the device, you store the hash. The password the user enters is hashed and is checked with the stored hash. If it matches, the user is in. If it doesn’t, then login is failed. The user’s actual password never reaches the server.


#15

@phantom64030X How do you get the hash, if the password never reaches the server? Without some interaction with the server, you cannot verify accounts (or agent as the user, regardless)


#16

The phone does it locally using the same hashing algorithm.


#17

@phantom64030X Let’s make sure we’re operating on the same set of assumptions:
(1) There is no central API provided by VEX.
(2) We are interfacing with https://vexforum.com/ through some sort of headless browser, akin to, say, phantom.js, in Node.js (in this case, phantom is a C++/C binding of Chromium)
(3) Because of 1 and 2, in order to log in, we will need to accept the account’s username and password in the app (at some point), and use our headless browser to “log in” the user.

When the user logged in, the server will send the user agent a session id which it can use in place of those credentials in the future, similar to an OAuth Token (to see your session id, open up the developer console in your web browser and enter


document.cookie

, the characters after


VEX_Forum_session=

and before the semicolon is your token). However there is one key difference between an OAuth token and one of these session ids; they’re only valid for a certain period of time, 30 days in our case, IIRC (OAuth tokens must be manually revoked by the user). You know how every now and then, a little red notification at the bottom of your screen will appear, and you have to login again (even if you’re browser autofills the result)? That is your browser cookie expiring, requiring you to login to refresh the cookie. Now take a look at the Official Reddit App, it’s function is almost identical to what we’re try to do here (I’ve even registered r/vexforum in case the community would want a subreddit that mirrors the forums, via a bot). Regardless, when you log in using the Reddit App, you never have to reenter the password, and it doesn’t store the password on the device. How? It uses OAuth 2.0 (and has an actually API), as opposed to our options: imitating a browser. The only way to emulate an experience similar to that app would be to store the password (encrypted or not) on the device, or to require the user of the app to re-login every 30 days, which would not be a good experience.


#18

Oh lol we def weren’t on the same page. Yes, I actually was planning to use PhantomJS with CasperJS to create a demo. In that case, it would be required to transfer the user’s password across to the phantomjs
server. But, it would just be a demo. If we were to do this for real, we would need access to the forums backend to avoid being highly vulnerable and slow. Plus, no one would have to host a stupid phantom server.


#19

@phantom64030X If you’re going to use Node, I would recommend Nightmare.js, it takes advantage of ES6/7 features to give a much cleaner syntax


#20

I think we should wait for flarum. It will be much easier to do on flarum as it exposes an API. I know the docs are not much. Maybe that is why it is still beta.

http://flarum.org/docs/api/

You would have the app in the phone store the user credentials (please in the secure enclave if you can) and get a new token for the interaction (not sure the time to live on the token). Then you have plenty of API’s for interacting with the forum. Not sure how BBCODE markup works in the API. I guess you need to process it from the JSON message you get back.

For hosted flarum on the web, there are improvements over EsoTalk too. Look at an example post in Flarum and see some cool new items not in EsoTalk:

https://discuss.flarum.org/d/3343-how-production-ready-are-you

  1. Hover over the icon of the person or their user ID, you get a popup. That’d be nice to see some info on the person, robot, or team.
  2. The right hand side scrolly thing has a count of the messages, links to top and bottom thread
  3. Likes of a post below it from other users
  4. Reply to links from a post below the original post with hover over to read the first lines.
  5. Scroll to load more versus pushing a button
  6. hover over the left side to get a list of messages
  7. color code of the discussion topics

What I don’t see are footers.