simonw / datasette-indieauth

Datasette authentication using IndieAuth and RelMeAuth

Remove IndieAuth.com fallback #14

Closed simonw closed 3 years ago

simonw commented 3 years ago

These TODOs: https://github.com/simonw/datasette-indieauth/blob/4999204acc2fa9b64eaa5c25bc700388c3029581/datasette_indieauth/__init__.py#L41-L52

simonw commented 3 years ago

I'm going to remove the indieauth.com mechanism entirely. It's based on an undocumented feature of indieauth.com which isn't likely to last, and users can still take advantage of RelMeAuth by adding the following to their website:

```html
<link href="https://github.com/simonw" rel="me">
<link rel="authorization_endpoint" href="https://indieauth.com/auth">
```

simonw commented 3 years ago

Full context: the first version of this plugin didn't implement the IndieAuth specification at all - it instead worked using an undocumented feature of IndieAuth.com which allows you to kick off authentication (that scans for RelMeAuth tags) using a form that looked like this:

https://github.com/simonw/datasette-indieauth/blob/c55ba4d9c72cc398b3a1b07fb682a18dcdfed2c1/datasette_indieauth/templates/indieauth.html#L7-L13

I'm currently just using this as a fallback for if no authorization_endpoint is found on the page - but this fallback will stop working when IndieAuth eventually retires.

The only benefit from the fallback is that it allows authentication for pages that use RelMeAuth without including a <link rel="authorization_endpoint"> tag. I'm OK losing that in exchange for simplifying this plugin and protecting against IndieAuth going offline in the future.
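The endpoint discovery discussed in this thread, as an added example that is not part of the original comments and is not the plugin's own code: it reads `<link>` tags from a profile page and fails closed when no `authorization_endpoint` is present, instead of falling back to a third-party service. The names `discover`, `LinkRelParser` and `NoAuthorizationEndpoint`, the `example.com` URLs and the http/https scheme check are assumptions made for the illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class LinkRelParser(HTMLParser):
    """Collects href values of <link> tags, grouped by rel token."""

    def __init__(self):
        super().__init__()
        self.rels = {}

    def handle_starttag(self, tag, attrs):
        if tag != "link":
            return
        attrs = dict(attrs)
        href = attrs.get("href")
        if not href:
            return
        # rel is a space-separated token list, compared case-insensitively
        for rel in (attrs.get("rel") or "").lower().split():
            self.rels.setdefault(rel, []).append(href)


class NoAuthorizationEndpoint(Exception):
    """Raised when a page cannot be used to start an IndieAuth flow."""


def discover(page_url, html):
    """Return (authorization_endpoint, rel_me_links) for a profile page.

    There is no fallback: a page without an authorization_endpoint link
    is rejected, even if it carries rel="me" links.
    """
    parser = LinkRelParser()
    parser.feed(html)
    endpoints = parser.rels.get("authorization_endpoint", [])
    if not endpoints:
        raise NoAuthorizationEndpoint(page_url)
    # First matching link wins; relative hrefs resolve against the page URL
    endpoint = urljoin(page_url, endpoints[0])
    if urlsplit(endpoint).scheme not in ("http", "https"):  # assumed check
        raise NoAuthorizationEndpoint(page_url)
    rel_me = [urljoin(page_url, h) for h in parser.rels.get("me", [])]
    return endpoint, rel_me


# Constructed sample pages, based on the snippet quoted in this thread
WITH_ENDPOINT = """<link href="https://github.com/simonw" rel="me">
<link rel="authorization_endpoint" href="https://indieauth.com/auth">"""
REL_ME_ONLY = '<link href="https://github.com/simonw" rel="me">'
```

`REL_ME_ONLY` is the case the fallback used to cover; here it raises `NoAuthorizationEndpoint`.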

simonw commented 3 years ago

Need to update the README too.