Implementing IndieAuth for Datasette - inspired by a weekend spent at IndieWebCamp East Coast #indieweb simonwillison.net/2020/Nov/1…
1
5
1
28
IndieAuth is essentially the spiritual successor to OpenID - it lets you use your own domain name to sign-in to services in a decentralized fashion
Since Datasette actively encourages deploying brand new web applications to new URLs on a whim, it's a great fir for authentication
2
1
12
😢 @aaronpk knows my stance on this well - domain-based auth is exclusionary and confusing to users. IndieAuth should just use email addresses, even if it's not doesn't use webfinger and just does s/@([^.*]\..*$/\1/ with the address.
5
1
Email addresses *are* domain-based auth. I think you’re conflating two different parts of the system. In IndieAuth, the canonical user identifier doesn’t have to be the thing the user enters in a login prompt. This is also true for almost every other authentication system.
Nov 19, 2020 · 4:28 AM UTC
1


