Heading out
IndieAuth for WordPress Question
Thinking about the necessity of maintaining IndieAuth code in the Micropub plugin and now the Yarns Microsub plugin for WordPress.
I wanted to put out to any WordPress user for some input. The IndieAuth plugin creates an IndieAuth endpoint inside your WordPress installation. This means that you login to your site and that login generates a token to give Micropub, Microsub, or other clients in order to let them have access to your site.
Alternatively, if you don’t install it, the IndieAuth code inside the other plugins will connect to an external IndieAuth endpoint, defaultly indieauth.com. Indieauth.com, for example, delegates your login to a third-party site(Github, for examplle) on which you have an account that you link to from your website. So all you need is to add a link marked up properly to your site for that.
So, the question is, why would people want an external login to a built-in login? Since it uses the WordPress login system to get your credentials, you could install any number of login enhancements for WordPress that would work seamlessly to accomplish the same goal if you want to log in using a third-party site, for example.
It is definitely more secure for you to use authorization under your own control than delegating it to another site. To try and make my life easier, I would like to make Micropub and Microsub dependent on having the IndieAuth plugin installed.
The only use case presented for allowing an external site was…what if I want to sign into Site A with the credentials of Site B? That would be web sign in. There is functionality for that built into the IndieAuth plugin, but it probably deserves to be its own plugin so you can install it or not as the case may be.
Web sign in presents you with a URL and then, when you ask to log in, searches that URL for an IndieAuth authorization endpoint. If none is available, it would fail back on another technique, such as relmeauth…looking for alternative login providers.
Hoping for some comments on why people might want to maintain the external option.
Passover circa 1984
IndieWebCamp Berlin is an all-levels BarCamp-like collaboration in Berlin for two days of keynotes, brainstorming, creating, teaching, and helping gain more control over our data and lives online!
The ninth annual gathering for independent web creators of all kinds, graphic artists, designers, UX engineers, coders, hackers, to share ideas, create and improve their personal websites, and build upon each others creations.
Simple Location 3.7.0 Released
Simple Location Version 3.7.0 was released. This version fixes an issue where Micropub post locations were not showing because they were defaulting to private.
Going forward, Micropub posts with a location property will be set to public by default unless the client sends information indicating otherwise.
To support fixing the ones set incorrectly, there is now a bulk action to set multiple posts to private or public.
For Micropub posts without a location property, there is now a setting to add one from the backend geolocation provider. This will obviously not work with the web browser based provider, only the ones that work in the background. There are currently 2 bundled in.
- Set Location from Author Profile – This will always pull the location set in the user’s metadata. You can read about how to set this here. Thereotically, any external provider that supports HTTP requests could use this
- Compass – Aaron Parecki’s location storage system. I selfhost my own copy.
In a future update, will be looking to set Compass API lookup per user so each user could have a separate feed for location.
Went for a walk.
Simple Location 3.6.3 Released
Version 3.6.3 of Simple Location has been released. This adds Aaron Parecki’s Compass server as a location provider.
Location providers in Simple Location look up the current location of the user. As I write this, I realize that I set it up to globally look up the location, and I could make it, since Compass has users, allow for a different lookup per user. Future feature, I suppose, along with looking up historic location.
Since I hate to do just one thing, I added in a new weather provider that had been on my list, APIXU.
The goal I have in adding as additional providers that perform the same function…map, weather, location, reverse geocoding, elevation is that I do not want to be beholden to one company. If my access shuts down, I can switch to another one. Someday, I may implement automatic fallover.
Setting up Compass with GPS Logger for Android
After much debate about whether to build my own solution or install one, I installed Aaron Parecki’s Compass.
Compass is a GPS Tracking server. It is specifically tailored to an iOS app Aaron developed called Overland. Which creates a problem as I am an Android user.
So, I needed an Android app that could send data to Compass. I tried GPS Logger. It is a popular GPS Logging app, although I’m not sure if it was intended for 24 hour a day use. It seems the biggest use cases it is used for would be gps tagging of photos and tracking hacks.
It supports logging to a custom URL. THe following settings have to be set
- URL: https://example.org/api/input?token=xxxxxxxxxxxxxx
- HTTP Header: Content-Type: application/json
- HTTP Method: POST
- HTTP Body: { “locations”: [ { “type”: “Feature”, “geometry”: { “type”: “Point”, “coordinates”: [%LON, %LAT, %ALT] }, “properties”: { “timestamp”: “%TIME”, “speed”: %SPD, “direction”: %DIR, “activity”: “%ACT”, “provider”: “%PROV”, “battery_level”: %BATT, “horizontal_accuracy”: “%ACC”, “annotation”: “%DESC”, “device_id”: “%SER” } } ] }
The above sends a variety of preset parameters GPS Logger provides in the format Compass expects.