#dev 2024-12-02

2024-12-02 UTC
JadedBlueEyes, claudinec, [snarfed] and bterry joined the channel
# 01:47 
carrvo It is feasible! I mean, it is feasible to get Apache HTTPd to authenticate a user (before the app) with existing modules (not writing one)! 'Course my first prototype has a huge security hole...
# 01:50 
carrvo It works like this: follow indieauth-client-php (configuring all endpoints public), except the final step in the redirect is saved to a database instead of the session, then use mod_authnz_external to check their basic "username" against the database to see if they are actively logged in (touch the timestamp on the record).
# 01:51 
carrvo Also, works better if user's don't enter the scheme part of the URL during Basic (or it will interpret anything after as the password, combined with the password field) and assume the scheme.
jjuran, [manton], GWG, gRegor, thegreekgeek, barnaby, ttybitnik, [morganm], [mattl], [Joe_Crawford], [aciccarello] and jjuran_ joined the channel
# 17:44 
[Joe_Crawford] I love when I forget a post I wrote about a weird PHP behavior. Rediscover it. Share it. And THEN get feedback that prompts me to learn even more weird facts. https://lab.artlung.com/plus-plus-a-string-php/
# 17:51 
gRegor Hah, that's great
# 18:08 
[tantek] one weird PHP trick programmers don't want you to know
sebbu2 joined the channel
# 18:14 
[Joe_Crawford] It's akin to the classic WAT JavaScript video.
# 19:13 
jimw incrementing 5e0 to 6 is a good one. scientific notation ftw wtf!
# 19:18 
[tantek] that's some numeric syntax trivia there
lazcorp, bret and eitilt joined the channel
# 20:20 
[Joe_Crawford] jimw++ combining ftw and wtf is a WIN
# 20:20 
Loqi jimw has 3 karma in this channel over the last year (4 in all channels)
eitilt, thegreekgeek_ and thegreekgeek joined the channel
# 21:22 
gRegor [snarfed], Does Bridgy Publish not remember the Bluesky app password between uses? I'm using the interactive form
# 21:23 
[snarfed] gRegor for interactive use, it doesn't have persistent sessions in cookies or anything like that, no
# 21:23 
[snarfed] sorry
# 21:24 
gRegor np, will it if I trigger publishing via webmention?
# 21:24 
[snarfed] yeah that uses the stored app password, the auth is your site's SSL
# 21:24 
[snarfed] we should really switch to OAuth now that they have that
# 21:25 
Loqi definitely
# 21:25 
gRegor Hm, where do we set the stored app password? I've changed mine after using the interactive form.
# 21:25 
[snarfed] you can have multiple app passwords. did you invalidate your last one?
# 21:26 
[snarfed] if you log in again with your account and a new app password, that will replace the old one
# 21:26 
[snarfed] so you're probably already set
# 21:26 
[snarfed] oh sorry nm
# 21:26 
gRegor Ah ok. yeah I deleted the old one
# 21:27 
gRegor Ok, signed in again and I'll try the webmention method next time. thanks!
barnaby, eitilt and bterry joined the channel