1

I have a Django app deployed on server. The application has code that makes requests to the unofficial Instagram API. Since the requests are made from the ip and user agent of the server, Instagram perceives this as a suspicious login attempt. Is there a way to make API requests using the ip and user agent of the user who clicks the button?

I am expecting to somehow get data from API when the request was executed from user's ip and user-agent

begletsoid
  • 11
  • 1
  • Does your server need the actual response at all? Can you have the user's browser send the request via JS outside the context of your server? – JonSG Feb 21 '23 at 15:50
  • @JonSG Yes, server need actual response – begletsoid Feb 22 '23 at 07:13
  • Does the API request have a key that you need to keep secret or is it a public end point. Conceptually, I have have the client do the request and then pass the data back to the host. Cookie? Header? Socket? I'm not really sure how I would do the pass back, perhaps even a javascript post. That is just what my gut tells me is a path forward. Seems like a potential for abuse though. – JonSG Feb 22 '23 at 13:41
  • @JonSG The data from API is public. Ok then, how to implement executing API request by user, who clicked a button on the site? – begletsoid Feb 22 '23 at 14:27
  • You might use something like `await fetch('/my/url');` to get a response from the API. I recommend re-asking this with a javascript tag rather than python as most of the work will be done by the client in javascript. – JonSG Feb 22 '23 at 14:32

0 Answers0