# I am the Watcher. I am your guide through this vast new twtiverse.
#
# Usage:
# https://watcher.sour.is/api/plain/users View list of users and latest twt date.
# https://watcher.sour.is/api/plain/twt View all twts.
# https://watcher.sour.is/api/plain/mentions?uri=:uri View all mentions for uri.
# https://watcher.sour.is/api/plain/conv/:hash View all twts for a conversation subject.
#
# Options:
# uri Filter to show a specific users twts.
# offset Start index for quey.
# limit Count of items to return (going back in time).
#
# twt range = 1 22
# self = https://watcher.sour.is/conv/kqjjkpa
@prologic let's do it! Wouldn't you agree it is a better way to login? Again, food for thoughts.
@fastidious Yes I agree, that's why I wrote the library π€£ I _believe_ I had the idea to do this quite some time ago, but never did, probably just forgot. Username/Password auth is also pretty simple, but I agree, Email auth is dead simple. π The beauty too is that we **still don't** need to actually store an email address for the user, just the RecoveryHash we already have against the account. π
@fastidious Yes I agree, that's why I wrote the library π€£ I _believe_ I had the idea to do this quite some time ago, but never did, probably just forgot. Username/Password auth is also pretty simple, but I agree, Email auth is dead simple. π The beauty too is that we **still don't** need to actually store an email address for the user, just the RecoveryHash we already have against the account. π
@prologic Ha, I was aware of not needing to store the email address when @fastidious asked about that.
@prologic I don't understand the mysticism behind not storing email addresses. I can create an email address in seconds. What is the issue about storing them? What makes not storing them so amazing?
@fastidious And every time you create one, you've created another avenue of attribution. Lots of people don't want to be attributed to their activities on the Internet. They'd like to connect to systems, including your pod, through all sorts of bizarre routes, and never the same one twice. They could do the same thing with the email provider of that address they've given you, but that would be twice as hard (or more, likely, as I'm sure that doesn't scale linearly) as what I just previously described.\n\nThis is not me. But I'm happy to host pod mates who feel this way.
@jlj So, anonymity? The recovery email and matching nick still shows on logs, once a password reset is initiated. π€·π»ββοΈ
Actually, it only shows if SMTP is misconfigured . It everything is configured correctly, the email address will not show on logs.
@fastidious More like true pseudonymity, but, yeah. At least that's my understanding.
@fastidious Itβs a piece of PII. We have historically and continue to **not** store any whatsoever on yarnd accounts. If a pods database is leaked there isnβt much there.
@fastidious Itβs a piece of PII. We have historically and continue to **not** store any whatsoever on yarnd accounts. If a pods database is leaked there isnβt much there.
@fastidious \n> nick still shows on logs\n\nCan you show me? π€ Maybe some logging cleanup is in order π
@fastidious \n> nick still shows on logs\nCan you show me? π€ Maybe some logging cleanup is in order π
@fastidious
> nick still shows on logs
Can you show me? π€ Maybe some logging cleanup is in order π
@fastidious
> nick still shows on logs
Can you show me? π€ Maybe some logging cleanup is in order π
@fastidious Ahh! π (sorry I catch up every morning in reverse order obviously π)
@fastidious Ahh! π (sorry I catch up every morning in reverse order obviously π)
@jlj \n> More like true pseudonymity\n\nThis βοΈ
@jlj
> More like true pseudonymity
This βοΈ
@jlj
> More like true pseudonymity
This βοΈ