even though it's a json file, instead of being called "whatever.json", the filename is the user's email address so we can look it up easily.
I should probably use a proper json store like dynamodb for this, but I won't, 'cuz fuck the system.
possible user states
"pending" if the user hasn't clicked their email code yet
"rate-limited" if the user has uploaded a gif within the last 24 hours
"ready" if the user is verified and has not uploaded a gif within the last 24 hours
"banned"
upload process
Since you can only upload a gif every 24 hours anyway, new and old users both use the same upload screen, there's no cookies or logged-in-ness and no distinction between "sign in" and "sign up"; the only action is "upload a gif" (or more accurately, "try to upload a gif")
new user process
I'll describe what happens for a new user since it's the most complicated (and since it relates to email verification)
user new or old types their email, password, and gif, and credit card deets into the browser, and they're submitted to stripe for card verification, which then submits them and a token to the http://github.com/radblock/signatory lambda function
the signatory looks for the user in the bucket, doesn't find it, generates an email authorization code, and creates a new user with the state "pending". It approves the s3 upload but to a special bucket called radblock-pending-gifs.
the signatory emails the user with a link like "radblock.xyz/?user={email}&code={code}"
the user clicks the link, and triggers a new lambda function called "email-verifier". It checks the code. If it's correct, it does the following:
charges the user's card using the token from step 1
changes the user's state to "rate-limited"
creates a new object called the user's email address in a bucket called "radblock-rate-limit" which expires in 24 hours.
moves their gif from "radblock-pending-gifs" into "gifs.radblock.xyz"
amonks
commented
8 years ago
users
We have an s3 bucket called
radblock-users.a user is a json file in that bucket that looks like this:
even though it's a json file, instead of being called "whatever.json", the filename is the user's email address so we can look it up easily.
I should probably use a proper json store like dynamodb for this, but I won't, 'cuz fuck the system.
possible user states
upload process
Since you can only upload a gif every 24 hours anyway, new and old users both use the same upload screen, there's no cookies or logged-in-ness and no distinction between "sign in" and "sign up"; the only action is "upload a gif" (or more accurately, "try to upload a gif")
new user process
I'll describe what happens for a new user since it's the most complicated (and since it relates to email verification)
stripe for card verification, which then submits them and a token tothe http://github.com/radblock/signatory lambda functionradblock-pending-gifs.charges the user's card using the token from step 1