npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@outboard7/nexus-api

v1.4.27

Published

API for the Nexus Mods page

Downloads

8

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

outboard7outboard7

Keywords

Readme

Nexus API

Introduction

The Nexus API provides applications access to Nexus Mods metadata including lists of games, mods and individual files, version information and so on.

Authorization

All requests must identify the user and the application which is making the request. To achieve this, a set of parameters must be set in the header of all requests.

APIKEY

An APIKEY can be created for a specific user and a specific application on the Nexus Mods website. This key can be manually copied into your application and used when generating requests. Alternatively, a websocket-based Single Sign-On system can be used as described further down.

Based on this key, access for individual users or applications can be revoked (by Nexus Mods or the user himself), and access rights can be restricted (e.g. an application might be allowed to read mod meta data but not to make endorsements in the name of the user), finally, the key can also be used for network traffic throttling.

For this reason it's not acceptable for an application to use API keys created for other applications.

Before API Keys for your application can be generated you have to register your application with Nexus Mods. You will be assigned an appid.

Protocol-Version

The protocol version identifies the exact protocol the client expects from the server and allows us to make improvements to the API without breaking older clients. This version is set automatically by this library and there is no good reason to override it.

Application-Version

The application version - which has to follow semantic versioning guidelines - identifies the version of your application and may be used to work around problems without affecting all users of the application.

E.g. if one version of your application has a bug that leads to it spamming a certain request, we might block that request for that application version without affecting other versions which don't have the problem.

Therefore it's in your, and your users best interest to provide a version in the right format and keeping it up-to-date.

Single Sign-On

As described above, an APIKEY can be generated using a websocket-based protocol. This is not part of this library.

Process

  • Generate a random unique id (we suggest uuid v4)
  • Create a websocket connection to wss://sso.nexusmods.com
  • When the connection is established, send a JSON encoded message containing the id you just generated and the appid you got on registration. Example: { "id": "4c694264-1fdb-48c6-a5a0-8edd9e53c7a6", "appid": "your_fancy_app" }
  • From now on, until the connection is closed, send a websocket ping once every 30 seconds.
  • Have the user open https://www.nexusmods.com/sso?id=xyz (id being the random id you generated in step 1) in the default browser
  • On the website users will be asked to log-in to Nexus Mods if they aren't already. Then they will be asked to authorize your application to use their account.
  • Once the user confirms, a message will be sent to your websocket with the APIKEY (not encoded, just the plain key). This is the only non-error message you will ever receive from the server.
  • Save away the key and close the connection.

API Reference

All relevant functionality is accessible through the Nexus class.

The API may throw a bunch of Custom Errors.

Throttling

The library implements request throttling to avoid spamming the API. This is done on two levels: The client will use a quota of 300 (600 for premium) requests that can be used in bursts but only recover one request per second so it won't allow for sustained high traffic.

the server will also reject requests if traffic is to high both total traffic and per user by replying with a HTTP message code 429. In this event the api will reset it's quota to 0.

Please note that tampering with this throttling may lead to more requests being blocked, resulting in even worse performance for your users, or - in extreme cases - even revocation of API Keys.

Feedback API

The library contains a feedback API but it's only intended for internal use

OAuth support

Experimental support for OAuth/JWT has been added to this library.

Gaining a JWT is not part of this library.

Once you have a JWT, refreshToken and fingerprint you can create a client like so:

const credentials = {
    token: '<<JWT>>',
    refreshToken: '<<REFRESH_TOKEN>>',
    fingerprint: '<<FINGERPRINT>>',
};

const config = {
    id: '<<OAUTH_CLIENT_ID>>',
    secret: '<<OAUTH_CLIENT_SECRET>>',
};

const appName = '<<YOUR_APP_NAME>>';
const appVersion = '<<YOUR_APP_VERSION>>';
const defaultGame = '1';

const client = Nexus.createWithOAuth(credentials, config, appName, appVersion, defaultGame).then(nexus => {
    console.log(`Hello your Nexus client is here: ${nexus}`);
});

The client handles dealing with expired tokens by calling a refresh token endpoint. An instance of the client will retain these new credentials for the next time a request is made. But when you next create a client instance, it is your responsibility to provide these new credentials from your storage mechanism.

You can listen to credential refreshes and pass them to your app for storage and later re-use:

const callback = () => {
    console.log(`We have received new credentials: ${credentials}. They should now be stored somewhere.`);
}

const client = Nexus.createWithOAuth(credentials, config, appName, appVersion, defaultGame, timeout, callback).then(nexus => {
    ...
});