On Mon, Jan 13, 2020 at 9:57 AM Baskauf, Steven James <
steve.baskauf(a)vanderbilt.edu> wrote:
1. The bot account doesn't have a bot flag.
https://www.wikidata.org/wiki/Wikidata:Requests_for_permissions/Bot/Danmich…
implies that the lack of a bot flag might be the problem. But the script is
not an autonomous bot and is still under development, so I didn't think a
bot flag was necessary under those circumstances.
This is relevant only in that the bot group includes the "noratelimit"
right, which bypasses rate limiting in many cases.
2. I'm not running the script from
paws.wmflabs.org . Is it a problem
that the API calls are coming from an unknown IP address? Does that matter?
3. I'm not using Pywikibot. But that shouldn't be necessary.
Neither of these should be relevant.
On the other hand, a relevant factor is that only certain actions are
subject to the rate limits, and different actions have different limits.
The other user you discussed it with may have been using different actions
that aren't limited, or that have limits he wasn't hitting.
The other thing that is different about what I'm
doing and what is being
done by the other user who is not encountering this problem is that I'm
authenticating directly by establishing a session when the script starts
(lines 347-349). The other user apparently somehow doesn't have to
authenticate when using Pywikibot as long as he's logged in to
paws.wmflabs.org . But I haven't dug in to find out how Pywikibot works,
so I don't really understand how that is possible or whether that's
important in establishing that the bot is legitimate and not a vandal/spam
bot.
He may be using OAuth. See
https://www.mediawiki.org/wiki/OAuth/For_Developers and
https://www.mediawiki.org/wiki/OAuth/Owner-only_consumers for some details.
--
Brad Jorsch (Anomie)
Senior Software Engineer
Wikimedia Foundation