Skip to main content

Hi, I'm using webhooks to see when users create new activities. This is to then be able to retrieve each activity's stream in real time.

The problem, however, is that if the user is not logged in to my app when I get my webhook, I cannot run the request required to retrieve more information about the user's activity, as I do not save the user's accesToken and refreshToken in my database, unless it is saved via local storage.

What I can do is save the id of the activities that have been created sometimes the user has not been active on my app in my mysql database, and then when the user logs in again, I get all the streams then.

The problem with that is above all that it won't be realtime. But the other problem is that the rate limits do not allow me to send requests to get these streams from all assets if there are x number.

Of course, I can always split it up and wait 15 minutes between each request if I take 10 or 20 at a time, but then it's not certain that the user is still there.

Is there a reason you're not saving the tokens? It would solve a lot of the issues you're running in to since you can use it to get a new token for the user and process their activities without requiring them to sign in to your app. That means you could spread out the requests to stay within your API limit, and you will likely have that data ready the next time they log in rather than making them wait.

If you really don't want to save the tokens then you'll have to do as much as you can with the token you get when the user logs in. Each token has an expiration which is a few hours, so even if they're not actively logged in you should still be able to use the token for a few hours and spread out requests. Depending on what activity data you need, you can potentially reduce the number of API calls by using https://developers.strava.com/docs/reference/#api-Activities-getLoggedInAthleteActivities to retrieve data for multiple activities in recent history. Instead of using the webhook to store activity IDs, just use your database to store the user's last login time and call getLoggedInAthleteActivities with after set to that timestamp.

Note: If you're going to be storing tokens in a database, do it safely.

https://developers.google.com/identity/protocols/oauth2/resources/best-practices

https://stateful.com/blog/oauth-refresh-token-best-practices

etc...


Reply