 :ablobcatcoffee: After a little over half a year, I've started the transition to a #selfdogfood diet: my own #IndieAuth instance is now an MVP running in production. Over time, I'll be fixing problems found in the process, in addition to implementing improvements. Like #RelMeAuth, which would be nice to have in the near future. 2 comments
For now, only BasicAuth with expected details from config is used as proof of ownership of the entered url. This limits the use of the node by clients on my behalf, which is acceptable for MVP. But don't discount BasicAuth. Despite its implementation limitations, it has a low learning threshold, is natively supported by all browsers, requires no HTML/CSS/JS at all, and eliminates the need for separate session design and logout button. It's the "fastest start" in authorization you'll ever get. |
Gregory's Server
#TicketAuth is also supported, but I don't yet have the tools and simulations of the barriers on the site requiring tickets to test it.