#dev 2019-11-25
2019-11-25 UTC
uniquerockrz and [dmitshur] joined the channel
# [dmitshur] I'm working on switching to using URLs as identities on my personal site (while preserving ability for people to sign in via GitHub) and it turns out to be possible to add a little nice touch to the process. it's extremely tiny and probably no one will notice, but I'm so pleased I wanted to share.
# [dmitshur] since the user starts by entering their URL, I already know their expected GitHub username by the time I redirect them to github.com to authenticate, so I can pre-populate the "username" field on github.com's sign in form
# [dmitshur] it's only relevant if the user isn't already signed in to github.com which is probably rare (for my target audience), but still
# [dmitshur] e.g., say you start by entering this on my site's sign in form (while signed out of github.com)
# [dmitshur] instead of seeing this
# [dmitshur] you get this right away 😄
# [dmitshur] it's not documented, but I found it by trial an error. it's `login` . with a simple name like that I figure it's likely to stay around.
# [dmitshur] https*
# [dmitshur] and my code diff is:
# [dmitshur] ```-url := githubConfig.AuthCodeURL(state)
# [dmitshur] +url := githubConfig.AuthCodeURL(state, oauth2.SetAuthURLParam("login", login))
# [dmitshur] return httperror.Redirect
{URL: url}
```# [dmitshur] oh great, I forgot to look there. thanks 🙂
# [dmitshur] might want to set allow_signup=false too lol
[jgmac1106], uniquerockrz and [fluffy] joined the channel
# [fluffy] Anyone have any thoughts on this? https://github.com/PlaidWeb/Publ/issues/312
# [fluffy] When I was looking into Snipcart I thought I’d just make my entry templates support the various attributes as page metadata but that got unwieldy fast and that’s why I ended up just going with Storenvy instead, rather than worrying about my own page layout. (and to be fair Storenvy brings a lot to the table that Snipcart doesn’t do.)
# [fluffy] and then snipcart’s API looks like this: https://docs.snipcart.com/v3/setup/products
uniquerockrz joined the channel
# [fluffy] https://stackoverflow.com/a/926136 says that the spec allows “all characters except tab, line feed, form feed, space, solidus, greater than sign, quotation mark, apostrophe and equals sign” in attribute names
fauno, uniquerockrz, gRegorLove, jbove, KartikPrabhu, nfip^ and [dmitshur] joined the channel
# [dmitshur] as I work towards reducing reliance on github, a fun event happens https://www.githubstatus.com/incidents/4sh7f76nh5gq
uniquerockrz joined the channel
uniquerockrz joined the channel
# [dmitshur] I hope it's not that brittle :face_with_hand_over_mouth:
uniquerockrz joined the channel
# [dmitshur] ok... is anyone brave around to test my new sign in flow? it's not finished yet, but I've made much progress, so it's closer.
# [dmitshur] (you'll need to have a github account and to allow my test app to access you public information only.)
uniquerockrz joined the channel
# [dmitshur] ok, another time. 🥱 going to sleep
uniquerockrz, KartikPrabhu, [jeremycherfas], [LewisCowles], cweiske, [tantek], jbove and [KevinMarks] joined the channel
# [KevinMarks] Be careful with html.parser, it can do weird things with element nesting compared to html5lib
uniquerockrz, gxt, asymptotically, misterwhatever, [LewisCowles], [Rose], swentel, krychu, [tantek], jgmac1106, jacky-, wagle_, [KevinMarks], ffl^, [jgmac1106], [manton] and [jeremycherfas] joined the channel; misterwhatever left the channel
# aaronpk Would love to hear feedback from people who have implemented IndieAuth on the server as to whether this would clear up the concerns around issuing access tokens for different endpoints like a microsub server https://tools.ietf.org/html/draft-ietf-oauth-resource-indicators-08
uniquerockrz joined the channel
[schmarty] joined the channel
# [schmarty] aaronpk: is this abusing scopes? i feel like this is what scopes are for, they're underspecified. 😅
uniquerockrz joined the channel
[LewisCowles] joined the channel
# [schmarty] GWG_ "what privileges you get" is also pretty underspecified!
# [schmarty] for example, "subscriptions" can be thought of as shorthand for "manage subscriptions - on your microsub endpoint."
# [schmarty] "create" as "create posts - on your micropub endpoint"
# [schmarty] a made-up goofy way of writing that might be https://your.website/micropub#create https://your.website/microsub#subscriptions etc.
# [schmarty] ^ that's a straw-format, don't want to wade too far in the weeds
# [schmarty] yeah! google does this with some of their APIs and OAuth scopes.
# [schmarty] and when i say "this" i mean specifying scopes as URLs, though now that i think about it those URLs aren't actually the resource URLs that an app talks to.
# [schmarty] skimming this resource indicators draft now. interesting that it's a combo of scope and resource=https://some/url
# [schmarty] feels like a weird combinatorics is possible if, e.g. two resource endpoints understand the same scope values differently.
# [schmarty] (e.g. if "read" in micropub means "read the source of my posts" and "read" for microsub means "read channels and their contents", it may not be clear to the user that you're authorizing an app to read all of your posts, potentially including private ones)
uniquerockrz joined the channel
# [schmarty] but i get the sense that i'm stirring up nonsense. been away too long. looking forward to catching up on what happened during Berlin2!!
KartikPrabhu, uniquerockrz, [KevinMarks], gxt, vilhalmer and [snarfed] joined the channel
gRegorLove joined the channel
# [snarfed] "background radiation of the internet," one of my favorite recent phrases. https://www.potaroo.net/ispcol/2019-10/dark.html
[jgmac1106] and uniquerockrz joined the channel
uniquerockrz joined the channel
uniquerockrz joined the channel
misterwhatever, chimo and uniquerockrz joined the channel
[Rose] and [KevinMarks] joined the channel
# [KevinMarks] handy thing I found today https://twitter.com/kevinmarks/status/1199039691959545857?s=20
# @kevinmarks something to add to your CSS resets: table td
{font-variant-numeric: tabular-nums;}
It makes columns of numbers or dates line up, especially if you text-align: right them too HT @snookca (twitter.com/_/status/1199039691959545857)# [KevinMarks] I was using a monospace font for numeric columns before, this looks nicer
uniquerockrz joined the channel
uniquerockrz and [snarfed] joined the channel
uniquerockrz, krychu and [LewisCowles] joined the channel
# [LewisCowles] RE: the spammer / bad script. Does Herndon USA ring any bells for the `66.109.27.138, 66.109.27.141, 66.109.27.142, 192.157.89.7, 192.157.89.8` they are all US IP's. Herndon shows up as being in Virginia
uniquerockrz joined the channel
# [snarfed] no, those IPs are owned by Galaxyvisions and Cologuard (https://myip.ms/view/ip_owners/22654/Galaxyvisions_Inc.html , https://myip.ms/view/web_hosting/334573/Cologuard.html), but probably just compromised machines with their IPs
uniquerockrz and [jgmac1106] joined the channel
# [jgmac1106] Gwg...because an iframe is all I know how to do..but I can display a trip now: https://jgregorymcverry.com/messingwithgpx
uniquerockrz and Bubu joined the channel
# Bubu hello
# Bubu everybody
# [jgmac1106] nvm logged out users would just see a login screen, switching link to the public view
# [jgmac1106] Hello Bubu
# Bubu hi what's up?
uniquerockrz joined the channel; Bubu left the channel