• RonSijm@programming.dev
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    Really neat, was hoping someone would build something like this. I’m not the biggest fan of the default Lemmy skin.

    But the login is a bit sketchy… I checked the network, and logging in just sends your credentials to their site (POST https://mlmym.org/programming.dev/) with the password in cleartext.

    Not saying that the developer has any bad intentions, but if anything is misconfigured, like nginx logging incoming requests or something, it would be a security disaster if someone would somehow be able to access it

    I don’t know if this is a limitation of Lemmy / ActivityPub but I’d prefer if the auth happened directly to the Lemmy instance.

    • ruffsl@programming.devOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Yeah, I’d be hesitant to ever login to a third party client I couldn’t self host. Hopefully O-Auth might be a future feature for Lemmy.

  • mark@programming.dev
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Looked around and it’s impressive they were able to replicate so much functionality! It doesnt seem to federate with other fedi platforms, though. At least it doesnt with Lemmy.

    • ruffsl@programming.devOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Did you try changing the instance name in the URL, or toggling between local and all on the left of the top menu sidebar?

      • mark@programming.dev
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Oh I mean I can’t seem to see any of the communities or posts made there on my Lemmy instance (the one I’m writing this comment from)