Implement IndieAuth #23

New Issue

Closed

opened 2022-11-02 15:25:04 +00:00 by h4kor · 0 comments

h4kor commented 2022-11-02 15:25:04 +00:00

Owner

Copy Link

At some point I need easier ways to create new posts. At the moment it is to cumbersome to create small article (or even check-ins and bookmarks)

Micropub might be a solution to this problem. This needs IndieAuth.

https://indieweb.org/IndieAuth
https://indieweb.org/authorization-endpoint
https://indieauth.spec.indieweb.org

Plan:

• add a password hash to the users /meta/config.yml
  • Auth is only activated if this is set
• implement token endpoint
• Login site will only require the password of the user
• Keep track of codes ( meta/auth_codes.yml)
• Keep track of tokens in ( meta/access_tokens.yml)
• verify redirect_uri
  • allow same site redirect_uris
• add CSRF to auth
• add PKCE
• add indieauth-metadata https://indieauth.spec.indieweb.org/#indieauth-server-metadata
• expire code

At some point I need easier ways to create new posts. At the moment it is to cumbersome to create small article (or even check-ins and bookmarks) Micropub might be a solution to this problem. This needs IndieAuth. https://indieweb.org/IndieAuth https://indieweb.org/authorization-endpoint https://indieauth.spec.indieweb.org Plan: - [x] add a password hash to the users `/meta/config.yml` - [x] Auth is only activated if this is set - [x] implement token endpoint - [x] Login site will only require the password of the user - [x] Keep track of codes ( `meta/auth_codes.yml`) - [x] Keep track of tokens in ( `meta/access_tokens.yml`) - [x] verify redirect_uri - [x] allow same site redirect_uris - [x] add CSRF to auth - [x] add PKCE - [x] add indieauth-metadata https://indieauth.spec.indieweb.org/#indieauth-server-metadata - [x] expire code

h4kor referenced this issue 2022-11-02 15:25:25 +00:00

Implement MicroPub endpoints #24

h4kor referenced this issue 2022-11-03 20:23:37 +00:00

IndieAuth #25

h4kor closed this issue 2022-11-07 19:38:28 +00:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

better_forms

admin_design

interactions

v2

version_2

refactor_posts

micropub

master

auth

concurrency-safety

refactor-webmention

webmention

Labels

Clear labels   

Feature

Adds a new feature

  

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

improves existing feature

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

wontfix

This won't be fixed

No Label

Feature

bug

duplicate

enhancement

help wanted

invalid

question

wontfix

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: h4kor/owl-blogs#23

No description provided.