#wordpress 2021-06-15
2021-06-15 UTC
[Will_Monroe] joined the channel
#
[Will_Monroe] [dshanske] That didn't seem to work. Here's what I did:
#
[Will_Monroe] 3. Saved token to Indigenous for Desktop Settings > The token for both endpoints (see screenshot)
#
[Will_Monroe] 1. In WP, went to Users > Manage Tokens > Add New Token
#
[Will_Monroe] 2. Named token, Added Token and copied the token
#
[Will_Monroe] 4. Added settings for Post endpoint, Media endpoint as listed in Indigenous for Android (which is working)
#
[Will_Monroe] 5. Added setting for Reader endpoint as listed in Indigenous for Android
#
[Will_Monroe] The settings for the Post and Media endpoints both point to my domain. But the setting for the reader points to Aperture.
#
[Will_Monroe] Can you see any obvious errors I might have made?
#
[Will_Monroe] "Something went wrong loading the channels"
#
[Will_Monroe] Actually, both the Post and Media endpoints seem to work! Only the Reader endpoint seems to be having trouble.
#
[Will_Monroe] [dshanske] I think I may have the answer: See Token generation in Wordpress https://github.com/swentel/indigenous-desktop
#
[Will_Monroe] I should have noticed this earlier
[tw2113_Slack_] joined the channel
Ruxton, [schmarty], [jacky], [Murray], [chee], tonz, [KevinMarks] and [pfefferle] joined the channel
#
[pfefferle] GWG I just had a look at your PR… does the renew, simply update the timestamp on the token?

#
[pfefferle] hmmm, shouldn’t this be an oauth renewal process? https://www.oauth.com/oauth2-servers/access-tokens/refreshing-access-tokens/

#
[pfefferle] or why do you have implemented the expired feature?

#
[pfefferle] does the expires update after a “new” login?

#
[pfefferle] that means, that a client that has access to my blog will no longer work if I do not update the token?

#
[pfefferle] does that make sense?

#
[pfefferle] I think you added it because of security reasons?

#
[pfefferle] but shouldn’t we use something like “if a token was not used for more than 15 days, delete it”?

#
[pfefferle] that wouldn’t delete “active” tokens

#
[pfefferle] therefore we have to update the expires date every time a token is used

jeremycherfas joined the channel
#
[pfefferle] hmmm, but I like the feature in general, but I do fear that an active token might be expire

#
[pfefferle] I do not want to disable it in general

#
[pfefferle] I like the idea of deleting unused tokens

#
[pfefferle] I am just thinking about a way to identify “inactive”/“unused” tokens

#
[pfefferle] ok, maybe

#
[pfefferle] that is not what I meant

#
[pfefferle] I only had the idea to update the “expires in”, if a token was used

#
[pfefferle] to keep it alive

#
[pfefferle] I understand the reason behind but it. What is the default behaviour atm.?

#
[pfefferle] expires on or off?

#
[pfefferle] shouldn’t off be the default, to not change the behaviour for existing users?

#
[pfefferle] opt-in

#
[pfefferle] just thinking

#
[pfefferle] I added some comments to your PR

#
[pfefferle] I am also fine with default on, but would recommend to raise a major version then, because it is a breaking change

jeremycherfas, Tomte, jeremych-, [jacky], [KevinMarks], bode, [chrisaldrich], [tw2113_Slack_] and [asuh] joined the channel