h4kor/owl-blogs
h4kor
/
owl-blogs
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Implement IndieAuth #23

New Issue
Closed
opened 2022-11-02 15:25:04 +00:00 by h4kor · 0 comments
h4kor commented 2022-11-02 15:25:04 +00:00
Owner
Copy Link

At some point I need easier ways to create new posts. At the moment it is to cumbersome to create small article (or even check-ins and bookmarks)

Micropub might be a solution to this problem. This needs IndieAuth.

https://indieweb.org/IndieAuth
https://indieweb.org/authorization-endpoint
https://indieauth.spec.indieweb.org

Plan:

  • add a password hash to the users /meta/config.yml
    • Auth is only activated if this is set
  • implement token endpoint
  • Login site will only require the password of the user
  • Keep track of codes ( meta/auth_codes.yml)
  • Keep track of tokens in ( meta/access_tokens.yml)
  • verify redirect_uri
    • allow same site redirect_uris
  • add CSRF to auth
  • add PKCE
  • add indieauth-metadata https://indieauth.spec.indieweb.org/#indieauth-server-metadata
  • expire code
At some point I need easier ways to create new posts. At the moment it is to cumbersome to create small article (or even check-ins and bookmarks) Micropub might be a solution to this problem. This needs IndieAuth. https://indieweb.org/IndieAuth https://indieweb.org/authorization-endpoint https://indieauth.spec.indieweb.org Plan: - [x] add a password hash to the users `/meta/config.yml` - [x] Auth is only activated if this is set - [x] implement token endpoint - [x] Login site will only require the password of the user - [x] Keep track of codes ( `meta/auth_codes.yml`) - [x] Keep track of tokens in ( `meta/access_tokens.yml`) - [x] verify redirect_uri - [x] allow same site redirect_uris - [x] add CSRF to auth - [x] add PKCE - [x] add indieauth-metadata https://indieauth.spec.indieweb.org/#indieauth-server-metadata - [x] expire code
h4kor closed this issue 2022-11-07 19:38:28 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
activity_pub
own_design
better_forms
admin_design
interactions
v2
version_2
refactor_posts
micropub
master
auth
concurrency-safety
refactor-webmention
webmention
Labels
Clear labels   
Feature

Adds a new feature

  
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

improves existing feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No Label
Feature
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: h4kor/owl-blogs#23
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?