View Single Post
08/04/22, 09:51 PM   #51
cyxui
AddOn Author - Click to view addons
Join Date: Nov 2015
Posts: 61
Originally Posted by sirinsidiator View Post
I've seen worse... The last time I looked into their API it was relatively straight forward (I use this package as well as their wordpress plugin), but I have to admit I don't use events or webhooks directly and only retrieved data about patrons on demand.
I also don't think it's possible to create a pledge without paying. Last time I checked you will be charged immediately when you pledge to someone, even if it's the last day of a month (in which case the patron will get charged twice and may ask you for a refund). On the off chance that someone pledges to get a reward and then asks their bank for a refund (= chargeback fraud, which afaik gets their bank account banned from patreon if they do it too often) you could still run a cronjob to sync the status via the api to lock them out after a while.
My problem is that they only provided the API for the happy path and 0 protection for exploits.

Couple red flags I see are

https://support.patreon.com/hc/en-us...46-Patreon-API
"As of June 22nd, 2020, we no longer provide Patreon developer support for our API due to resource constraints. Endpoints will continue to function as normal, and you can also find peer-to-peer resources in our Tech and Dev channel on Discord."

"Unfortunately, at this time, we do not offer a separate testing/sandbox API."

"Fires when a user stops pledging or the pledge is cancelled altogether. Does not fire for pledge pausing, as the pledge still exists."

and then

"APIv2 is still in beta, and while the scopes and endpoints are stable, the specific properties returned on the resources may change."

yea great so property might even change within the same API version. Why bother versioning it after all. Best part is that v1 is deprecating and V2 is not even stable.

I initially thought Paypal's API was bad enough but Patreon is just another level lol
  Reply With Quote