#dev 2019-07-13

2019-07-13 UTC
#
[tantek] what is App Engine
#
Loqi Google App Engine is a an application hosting service that supports several programming languages https://indieweb.org/App_Engine
#
cameron1 Basically that. Does cool stuff like autoscaling to zero, and it's effectively free for low traffic sites
#
[tantek] There are bunch of IndieWeb related services that people have running on App Engine: https://indieweb.org/App_Engine#IndieWeb_Examples but you might be the first person here actually running your personal site on App Engine!
#
[tantek] what's your site URL?
#
cameron1 https://www.cameronbrown.co.uk/
#
cameron1 so what stuff is needed server side to support indieauth?
#
[fluffy] @cameron1 I have an IndieAuth-et-al library for Python that’s in early alpha right now, if you want to give it a whirl. https://github.com/PlaidWeb/Authl
#
Loqi [PlaidWeb] Authl: A library for managing federated identity
#
[fluffy] It currently relies on IndieLogin.com to do IndieAuth but at some point I’ll make it do its own IndieAuth flow.
#
cameron1 supports flask too - that's great
#
[fluffy] yeah, Flask is my main platform of choice 🙂
#
cameron1 I'm using Flask btw too
#
cameron1 it's handy because I host dozens of services on my website
#
[fluffy] the Flask endpoint stuff that it provides is geared towards using a session cookie for managing auth, and presently makes it a persistent cookie for Reasons although I’ll probably make that configurable.
#
[fluffy] also the downside to using IndieLogin.com is that you need to register your app with it (or run your own instance) and there’s no fast way of doing that; basically you need to ask [aaronpk] and hope he gets around to it 🙂
#
cameron1 so how does the protocol work?
#
cameron1 what does IndieLogin provide?
#
[fluffy] IndieAuth itself is a modification of OAuth2, which allows a mechanism for unattended application registration.
#
[fluffy] IndieLogin is a wrapper around IndieAuth and RelMeAuth.
#
cameron1 ahh yeah I've added rel me tags to my site
#
[fluffy] The reason I’m writing Authl is that those two use cases didn’t cover all the bases for me and I wanted to be able to support magic email links and other OAuth-based providers (e.g. Mastodon, Twitter) directly rather than via RelMeAuth.
#
cameron1 magic email links are great, I hope they see more adoption at some point
#
[fluffy] I have mixed feelings about them but they’re nice to have all the same.
#
cameron1 so from what I gather, IndieLogin is a 3rd party which confirms your link between your domain & regular oauth accounts?
#
[fluffy] Sssorta.
#
[fluffy] It’s easy to get confused with the terminology, and I’m fairly new to this world myself so let me see if I can do a better job of explaining…
#
cameron1 Ah it just seemed to me that IndieLogin was a way of avoiding running your own OAuth server
#
[fluffy] IndieAuth is a federated identity protocol built on OAuth, which allows for people to use an OAuth login flow to verify their ownership of a domain to identify themselves to someone else.
#
[fluffy] RelMeAuth is a federated identity protocol using rel=“me” links on your website to say “ask this other provider to tell you who I am”
#
[fluffy] IndieLogin is a *consumer* of IndieAuth and RelMeAuth
#
KartikPrabhu there is ninka by bear for Python indieauth https://github.com/bear/ninka not sure how up-to-date it is
#
Loqi [bear] ninka: 認可 - ninka - permission, license, to approve, permit
#
[fluffy] so like, if you want to identify yourself to other sites, you can use IndieAuth and/or RelMeAuth on your site. Since you’ve set up rel=“me” links you already have a de facto RelMeAuth provider set up.
#
[fluffy] There are plenty of self-hostable or third-party IndieAuth providers as well.
#
[fluffy] If you want other people to identify themselves *to* you, you need to consume IndieAuth and/or RelMeAuth, and IndieLogin.com makes that easier.
#
cameron1 for things like commenting I'm assuming?
#
[fluffy] Commenting is typically done via WebMention
#
[fluffy] At least in an IndieWeb context.
#
KartikPrabhu private posts is a use-case
#
[fluffy] My interest in consuming auth (and why I’m writing Authl) is for private posts.
#
[fluffy] IndieAuth is also used for other things like providing authentication for MicroPub and MicroSub, which are rabbit holes you don’t have to go down just yet 🙂
#
cameron1 one of my plans before I discovered IndieWeb was to integrate Standard Notes with my site, have a specific tag for public posts and automate everything around that
#
[fluffy] That sounds like it might be a use case for MicroPub.
#
cameron1 right now everything is currently stored in markdown files which are read into memory & parsed when the server boots
#
[fluffy] heh, that’s not too different from how Publ (my Flask-based CMS) works
#
cameron1 ah that's cool
#
[fluffy] The way I’m doing private posts in Publ is I’m setting up identity/permissions groups that basically just say “If someone authenticates as this identifier, let ’em see it.” With a bit more fine-grained control than that but that’s the tl;dr anyway.
#
[fluffy] And I’m just storing it in a text config file that gets read whenever someone authenticates.
#
KartikPrabhu [fluffy]: you should add Publ to https://indieweb.org/projects and possibly document it on its own page :P
#
cameron1 so does your CMS allow editing content?
#
cameron1 as in, built right into the system
#
[fluffy] Yes, by checking in new markdown files to git 😛
#
[fluffy] Someday I’ll write an integrated post editor but that’s a low priority for me
#
cameron1 yup - same here, ah so I understand your use case a bit more now
#
[fluffy] @KartikPrabhu It very much has its own page on the wiki 😛
#
KartikPrabhu [fluffy]: then link to it from /projects :) where all shall be collected
#
[fluffy] yeah working on that now
#
KartikPrabhu might not need to build your own editor if you support micropub
#
[fluffy] micropub doesn’t really fit my use cases
#
KartikPrabhu hmm interesting
#
KartikPrabhu why so?
#
[fluffy] I’m more about long-form blogging and things that don’t fit neatly into the fire-and-forget “send a basic media attachment” model
#
[fluffy] take a look at my website, http://beesbuzz.biz/
#
Loqi fluffy
#
[fluffy] yes loqi
#
KartikPrabhu aah yes, same reason I don't use micropub. I write the HTML by hand
#
@TimHildred #IndieWeb’s mission envisions a web that uses standards like Webmention to marry the powerful technologies and diverse cultures of the modern internet with the original promise of what we once called the world-wide web. https://buff.ly/2YM8UEE @JmacDotOrg (twitter.com/_/status/1149839862805213184)
#
cameron1 do you use any kind of server-side templating for that?
#
KartikPrabhu I do. I use Django and its templating system, but a lot of the long-form stuff is just HTML
#
KartikPrabhu cameron1: just saw your posts in the main channel. Instead of IndieAuth, I would actually start by 1) posting/publising to your website 2) Webmentions for responses 3) POSSE (which I do manually using bridgy)
#
KartikPrabhu bridgy will also send a webmention for replies/likes etc... to posts you have syndicated to (say) Twitter
#
[tantek] KartikPrabhu, I think IndieAuth support is a fine place to start with where cameron1 is (and in terms of scratching your own itches 🙂 ) - plus then he can sign-in to the wiki!
#
KartikPrabhu [tantek]: cameron1 of course all of these can be implemented in any order :P
#
KartikPrabhu I was thinking more in terms of "getting an 'social media' type stuff on your site"
#
KartikPrabhu also I have found Webmentions much easier to do that all the IndieAuth dance (which I still only barely understand)
#
[fluffy] yeah webmentions give you a huge bang for the buck for indieweb
#
KartikPrabhu also that ^
#
[fluffy] and cameron already has RelMeAuth implemented, so can therefore login to the wiki 🙂
#
[fluffy] for webmention I just suggest using webmention.io as your endpoint. It’s really easy to use, and I also have a client-side javascript library (webmention.js) that’ll work with it.
#
[fluffy] Although supporting it server-side isn’t a terrible option either.
#
KartikPrabhu yes. you can start by off-loading it to webmention.io and then build your own and switch to it
[grantcodes] joined the channel
#
cameron1 [KartikPrabhu] POSSE was a concept I was already starting to implement with some CLI tools, though bridgy looks much more of an elegant solution
#
cameron1 I'm curious - how big is this community?
#
jacky cameron1: that'
#
jacky *that's hard to measure
#
jacky largely because it's not like people 'check' in
#
KartikPrabhu what is indiemap?
#
Loqi indie map is a public IndieWeb social graph and dataset, made by Ryan Barrett and launched at IndieWeb Summit 2017 https://indieweb.org/indiemap
#
KartikPrabhu that gives an estimation ^
#
cameron1 So still quite small, but fun
cameronbrown[m] joined the channel
#
KartikPrabhu I'm pretty surprised that I'm still pretty close to the centre of the indiemap. Maybe the connections should decay with time
#
KartikPrabhu algorithm all the things!
#
Loqi http://meme.loqi.me/m/51WSQ_31.jpg
#
KartikPrabhu good job Loqi
#
jacky oh man ckeditor is awesome
#
jacky never using anything else
#
jacky specifically ckeditor 5
#
[fluffy] How does one end up on IndieMap, anyway? As far as I can tell I’m not on it.
#
jacky neither am I
#
[fluffy] looks like it was last updated in 2017, which is well before I started getting involved.
#
jacky I think it was run once and not again
[cleverdevil] and KartikPrabhu joined the channel
#
[tantek] yes we need to kindly request [snarfed] to operationalize it to run annually in mid June so we can report on it every Summit 🙂
eli_oat, gxt and amz3 joined the channel
#
jacky is spending his night before going out trying to get a nice enough interface for his editor
KartikPrabhu, gxt and [KevinMarks] joined the channel
#
[KevinMarks] Cameron1 if you want appengine based webmention you can use mention.tech (or clone some of the code into your site)
#
[KevinMarks] https://github.com/kevinmarks/mentiontech
#
Loqi [kevinmarks] mentiontech: webmention experiment
#
@kleinfreund Once again not being able to wrap my head around webmentions. Especially the sending webmentions part. I don’t understand the success criteria for the http://webmention.rocks tests. I get the first couple discovery tests to pass (1–9), but the rest don’t work. (twitter.com/_/status/1149960483329445889)
#
@kleinfreund ↩️ And with all that, we haven’t opened the can of worms that is “How does your mom send me webmentions?”. (twitter.com/_/status/1149960843653787648)
#
@nekr0z Обнаружил, что получение любого webmention'а к посту, где есть не-ASCII символы, ломает внутренний поиск по сайту: https://github.com/idno/known/issues/2490 Грызу локти: до чего же плохо не знать PHP! (https://evgenykuznetsov.org/s/1yYcEu) (twitter.com/_/status/1149963278199791617)
#
@kevinmarks ↩️ @kleinfreund She replies on twitter and http://brid.gy sends you webmentions. (twitter.com/_/status/1149965199417458688)
#
@kevinmarks ↩️ @kleinfreund She replies on twitter and http://brid.gy sends you webmentions. (twitter.com/_/status/1149965199417458688)
[KevinMarks] and [fluffy] joined the channel
#
[fluffy] http://publ.beesbuzz.biz/blog/558-v0-4-3-Authentication ok now i sleep
#
[fluffy] (no public demo of private posts yet, that’ll come later)
djmoch and [jgmac1106] joined the channel
#
[jgmac1106] can anyone tell me what I am doing wrong with my basic grid here: https://buildyourfirstaboutmepage.glitch.me/ Can't get the h1 to start in column 4 row 2
#
KartikPrabhu what CSS are you using? There don't seem to be any layout styles on the h1
#
[jgmac1106] tried to define the grid placement on <div class="headerTitle">
#
KartikPrabhu also CSS grid only affects direct children of the element which has the grid
#
[jgmac1106] and then styled h1 using .headerTitle h1
#
[jgmac1106] ahh okay
#
KartikPrabhu so in your case, the h1 won't work since the grid is defined on the "wrappper"
#
[jgmac1106] thx
#
KartikPrabhu you can use display: contents on the ".hederTitle" to essentially get rid of it from the layout. But then you can't use some styles or a fragment link on that element
discord[m]2 joined the channel
#
swedneckpermaweb !discord bridge 475789330380488707/588731025547591690
Kartha joined the channel
#
Kartha hey!
Kartha10, UtopicUnicorn[m] and [jgmac1106] joined the channel
#
@IndieWebLife IndieWeb and Webmentions #indieweb.life https://css-tricks.com/indieweb-and-webmentions/ (twitter.com/_/status/1150073168259768322)
[schmarty] joined the channel
#
jacky there's a lifestyle account? lol
amptwo joined the channel
#
jacky if anyone wants to help me break something, check out https://publish.koype.net/
#
jacky it has some basic support for editing and handle media uploads as well
#
jacky should put a feature listing on the homepage as well as submit some implementation reports
[grantcodes] joined the channel
#
[grantcodes] I get an internal server error logging in jacky
#
jacky grrr
#
jacky oh it couldn't read your h-card
#
jacky hmm I get this same problem when I try to capture webmentions from your site as well
#
jacky goes to debug
#
[grantcodes] Should even really be necessary for a micropub client
#
jacky it isn't but in order to make the experience a bit more personal, I show your image and name in a few places
#
[grantcodes] Yep fair enough
#
jacky hm this is a library issue (which is good because it'll fix it everywhere else)
#
jacky but just going to take a wee bit more time to debug
#
jacky wow micropub.rocks is very sensitive to trailing slashes, eh?
#
sknebel ?
#
jacky OH nvm
#
jacky so the micropub endpoint is precise (i.e: a trailing slash changes the URL)
#
jacky my micropub client was adding a slash
[cleverdevil] joined the channel
#
[cleverdevil] It works nicely for me on my iPad, @jacky. Its really nice!
#
[cleverdevil] Haven’t actually published, and it doesn’t seem to let me set visibility, but an awesome start.
#
petermolnar sigh... apparently artstation went behind cloudflare. When you request something like https://www.artstation.com/users/%s/likes.json?page=%s without accepting cookies, you get a captcha page, or at least with python requests, you do.
#
petermolnar the more I see about cloudflare the more I think they are bad for the internet in the long run
#
jacky oh yeah everything in the sidebar sans the "Save" button is useless lol for now
#
jacky petermolnar: tbh I'm conflicted with cloudflare
#
jacky they're helpful when it comes to protection
#
jacky but when it's used blindly (like this) then it's trash
#
jacky [cleverdevil]: thank you! if there's any presentation issues, lemme know - aiming to nail the UX
#
petermolnar I'm starting to hate the post-gdpr/post DDOS-for-hire world; oath and it's idiots who put rss feeds behind gdpr consent which can be bypassed using 'googlebot' as user agent, cloudflare who thinks you're a bot if you don't accept cookies
#
petermolnar maybe we really do should go back to gopher
#
jacky agh 'bearer' _has_ to be "Bearer"
#
jacky grrr
#
petermolnar fixed it: in short, instead of pure requests.get, use requests.session and fire of a dummy call first to init session cookies
#
petermolnar also copy request headers from a "real" browser
#
jacky they want you to hold a session to track you?
#
petermolnar eg firefox
#
jacky oh the user-agent stuff
#
petermolnar yes
#
petermolnar you need both to look like a real browser - agent, accept headers, etc - plus hold a session cookie
#
petermolnar otherwise you get a captcha page
#
petermolnar but this is so ridiculously simple to bypass
#
petermolnar why even bother?
#
petermolnar I mean if I was able to figure it out in ~15 minutes
amptwo joined the channel
#
jacky it's them giving you a ID of sorts to be more fingerprintable
#
jacky (because they're probably assuming you won't change that header once you set it or clear out that session often - I don't)
#
jacky all speculation of course on my end
amptwo and gxt joined the channel
#
jacky hmm a lot of the tests are expected form encoded requests
#
jacky well no
#
jacky just that syndication ones are specific to form encoded
#
petermolnar anyone has a saved deviantart image url? Could you please try if it still works? I have a bad feeling; I see wix url returned for images, and knowing wix they didn't bother to retrofit the old scheme
#
sknebel petermolnar: you mean hotlinked images from deviantart? just checked a few on some random googled forum and seems those still work
#
sknebel interesting urls "/fit-in/300x900/filters:no_upscale():origin()"
#
petermolnar ack, thank you
#
petermolnar I still can't get over the DA redesign though
#
petermolnar to make it look so much like artstation that one can actually mix up the two
#
@fluffy New post: Plaidophile: My webmention endpoint wish list https://beesbuzz.biz/6982 (twitter.com/_/status/1150129541400203266)
h2[m] and [fluffy] joined the channel
#
[fluffy] oh yeah I have post privacy working too. http://beesbuzz.biz/8011
#
[fluffy] oops, wrong one. http://beesbuzz.biz/3922
[jgmac1106], [schmarty] and jjuran joined the channel
#
sknebel [fluffy]++
#
Loqi [fluffy] has 9 karma in this channel over the last year (20 in all channels)
#
sknebel I had briefly turned on github notifications for Publ and quickly learned that with your progress speed thats... inbox-filling :D
KartikPrabhu joined the channel