Hi zoowar, thank you for catching the no-ssl issue. We are working with our host to have that fixed today. I'll update everyone when ssl is setup because we do want to make the site secure.
Also, your splash page is confusing. An 'authenticate with netflix' button would be better. If you need users to 'sign up' with your site, make that a seperate and distinct operation.
Nope, not giving you my Netflix password at least until I know exactly how this works and whether it's worth the risk. A demo, a video, a description, something.
Hi enjo, we are using OAuth to access Netflix data. The reason we need your login credentials is because we first need to get your permission to access your Netflix Instant Queue data. The process of linking your Netflix account with Qpicker is only done once and you can always remove this permission from your Netflix account under "Manage applications".
No, you redirect to Netflix as part of the authorize phase. The user may then login to Netflix after which they will be given the option to authorize your app. If they do, you will receive token credentials enabling you to access the user's Netflix data. The whole point of OAuth is that you don't need the user's login credentials.
Hi marcc, actually it is done correctly and that is how OAuth works. In order to get the user access token the user has to first login to authenticate they are the rightful owner of the account and then grant access to the application. In our case, we could have sent the user to Netflix to login or we could have asked for the credentials on Qpicker and sent the details to Netflix who handles the authentication/access control.
Hi glenra, Qpicker was a simple project we put together because had about 100+ movies in our Netflix Instant Queue. The problem was we were interested in watching all of the movies in our Instant Queue but couldn't make our mind up what to watch. The result was a simple and fun project called Qpicker.
You still haven't said what the project DOES! Okay, fine, it picks a movie from somebody's netflix list. But HOW does it pick it? At random? Top of the list? Bottom of the list? Highest star rating? Can you at least give people a HINT as to what makes your project useful or fun or even "simple" compared to the alternative of picking a movie from the list ourselves? (I regard picking movies myself more "simple" because it doesn't require bookmarking a new site or trusting random strangers with my account info.)
Instead, they send them in plain text over the network!
From wireshark: email=hello&password=hackers&Login=Get+my+Netflix+Instant+Q
PS: no ssl support (https://www.qpicker.com/)