search

janboddez / share-on-mastodon

Easily share WordPress posts on Mastodon.
https://jan.boddez.net/wordpress/share-on-mastodon
GNU General Public License v3.0
39 stars 5 forks source link

Store client details "centrally" #114

Closed janboddez closed 3 weeks ago

janboddez commented 1 month ago

Related to #113, in order to prevent registering as a new client for each and every user, we'll need to keep track of where we registered. And in order to figure out if a registration is valid, still, we need an app token, too.

Right now app and user tokens are stored either in the options table or in usermeta.

We should instead store client ID, client secret, and app token in a separate array in options or in a separate database table altogether. And either copy the credentials into the usermeta or simply refer to the correct database row.

Looks like separate table might not be such a bad idea. We could then also keep track of when we registered and whatnot.

janboddez commented 1 month ago

And in order to figure out if a registration is valid, still, we need an app token, too.

So, if ever someone entered a previously known instance, we should check the validity of our details, and then re-register if needed, and overwrite the database entry. And maybe invalidate (i.e., forget, as I don't think we can revoke them anymore at that point) previously issued tokens for this instance.