Douche-B-Gone: forcing an API upon OkCupid to bulk block users

okcupid.rb

# DEMO: https://douche-b-gone.herokuapp.com/

require "httparty"

class Okcupid

  def initialize(username: nil, password: nil)
    @username = username
    @password = password

    get_authcode
    get_session
  end

  def hide_users(usernames)
    usernames.each do |username|
      HTTParty.post( "https://api.okcupid.com/profile/#{username}/hide",
        query: { access_token: @authcode },
        headers: { "Cookie" => "session=#{@session}" }
      )

      #sleep 1
    end
  end

private

  def guest_id
    @guest_id ||= SecureRandom.random_number( 10000 )
  end

  def get_authcode
    # regular login gets us the authcode
    response = HTTParty.post( "https://www.okcupid.com/login",
      body: { username: @username, password: @password },
      headers: { "Cookie" => "guest=#{@guest_id}" },
    )

    @authcode = response.body.match( /AUTHCODE.*?"(.*)"/ )[1]
  end

  def get_session
    # api login gets us the cookie and session in it
    response = HTTParty.post( "https://www.okcupid.com/login",
      body: { username: @username, password: @password, okc_api: 1 },
      headers: { "Cookie" => "guest=#{@guest_id}" }
    )

    @session = response.headers["set-cookie"].match( / session=(.*?);/ )[1]
  end

end