Posted Friday, July 26 at 12:36 AM (5 years ago)
Updated some packages.
Main things with Publ since the last release:
- Internal cleanups to how caching happens
- Stop spuriously-caching a bunch of stuff; in particular login/logout endpoint URLs no longer get cached
- Various cleanups
- Improve the way that built-in templates are managed
- Initial cruddy implementation of an admin authentication dashboard (although this isn’t quite ready for prime time)
The only Authl change is that email identities are now given as a full mailto:
URL; going forward all identity strings will be full URLs. This simplifies the UX for admin dashboards, in particular, and removes some ambiguity.
Posted Sunday, July 21 at 2:24 AM (5 years ago)
I’ve released a mini-update of Publ to fix an authentication problem (the config parser was “helpfully” sanitizing things that didn’t want to be sanitized), and also some refactoring/improvements/bugfixes to Authl.
The big changes to Authl are that the email handler generates shorter/nicer links, and it also puts an anti-abuse timeout into email login attempts to prevent people from spamming themselves or others with spurious email notifications. There’s also a bunch of small bugfixes to Authl’s login flow, and Flask apps can specify that sessions should not be made permanent.
Posted Monday, July 15 at 9:16 PM (5 years ago)
Normally I wouldn’t release a new version just for a single minor bugfix, but this was causing bigger problems. Oops.
Anyway, there was one other minor fix, which allows “cb” to be a valid category name again. It’s minor and fiddly but hey, consistency, right? (And anyway you never know, someone might use Publ for a site that has a CB enthusiasm blog!)
Posted Saturday, July 13 at 5:25 PM (5 years ago)
I’ve added private entry stuff to my website (here’s an example post) and in doing so I shook out a few loose ends:
- Improved the login flow for when someone is logged in but goes to an entry they don’t have access to
- Simplified generating login and logout links from templates
- Added
Status: UNLISTED
as a synonym for Status: HIDDEN
All the auth-related things are now documented here and also demonstrated in the sample templates.
There is not much left for v0.5, incidentally!
Posted Saturday, July 13 at 2:58 AM (5 years ago)
Wow, this is a pretty major update: authentication is now a thing!
It isn’t quite complete yet – I still have a few more things I want to add before I consider it done (and therefore release v0.5.0) – but this is at least in a state where it’s ready to be experimented with. Probably. I need to sleep first, before I start adding authentication to my website.
Posted Monday, July 8 at 11:56 AM (5 years ago)
I’ve released Authl 0.1.1, which adds support for Mastodon authentication. And the Publ test suite now is up-to-date with that as well.
There’s a few things I want to do on Publ before I release a version for use on my own website, the big one being the ability to provide a better login page, and some refactoring around built-in templates now that built-in templates are becoming a thing.
I also really want to redo how I manage the documentation site, because it’s getting kind of untenable at this point.
Anyway, really soon I’ll have properly-private content on my website again, and hopefully this will be enough of a feature for people to actually be interested in Publ!
Posted Thursday, July 4 at 10:58 PM (5 years ago)
I’ve put a bunch more work into Authl, and have released it into PyPI. Of note is that now it has a simplified mechanism for setting it up with a Flask application.
Hey, wait, Publ’s a Flask application!
How about that.
Posted Monday, July 1 at 12:07 AM (5 years ago)
I wrote more about this on my personal blog but to summarize, I finally made some progress on actually working on Authl, which was the missing piece I needed before finally getting started on private posts. No promises on when I’ll actually have that functionality working, but at least I’ve finally gotten over the chicken-and-egg bump of not having any auth system to implement privacy against (and no privacy system to implement auth for).
Anyway, if anyone wants to play with what I have so far, there’s an incredibly basic starting point over yonder.