OAuth is FAR more secure and just better in general. Whenever possible, we want to send users through that route.
Doing it in open source + local app is a bit tricky since we have to store our secrets for authentication in the app, which there isn't really a good way to do securely. This problem, however, is not unique to this app. Basic protection may be good from scrapers, but there will be no way to fully protect these values.
OAuth is FAR more secure and just better in general. Whenever possible, we want to send users through that route.
Doing it in open source + local app is a bit tricky since we have to store our secrets for authentication in the app, which there isn't really a good way to do securely. This problem, however, is not unique to this app. Basic protection may be good from scrapers, but there will be no way to fully protect these values.
Current OAuth candidates: