2019-03-12 UTC
# [grantcodes] Ok I think I final IndieAuth related question for now RE PKCE: Is it pointless to generate a code verifier that is not totally random but unique for each user / domain? It's obviously not as strong as a truly random string but it means I could automatically build it into the helper library because it has no idea of storage / session