thanks brugeman (npub1xdt…ntxy) I will check the nip46 discussion. I am curious to see what is the "question" around the callback_url.
If oauth flows work perfectly with no popups/iframe/modals, I am positive we can build that way as well.
And I do not advocate for removal of the input field, I say that as we have 1/2 providers now, having a click-click solution that just work is a good idea, rather than forcing user to insert the "email" all the time.
And fiatjaf (npub180c…h6w6) yes there has been a time that we had 40 oauth providers and a couple "bind-them-all" buttons... And almost all were doing the popup thing. It was even cool. The early Web2.0 era.
But what about oauth now? Most website offer 2/3 oauth + email field, and all oauth-flow are pure redirects. Because offers consistent navigation (impossible with popups), does not require to load resources from external websites (which is a bit NO for me both as user and developer), and I think a more clear UI and probably more secure overall.
Also we do not have 68 now, or even 6. We have 1, maybe 2. Designing for 68 is not future proof, is over-engineering.
Ok, thanks for listening guys really appreciate the conversation. Now I'll go back to damn frontend testing setup - the hardest thing of hard things 😉
ildella / Daniele
npub1nc…4r8ar
2024-02-20 19:35:30
in reply to nevent1q…mtx0
Author Public Key
npub1ncdaqhk5rea29hdpaxmyhzay3d5mkrattg3dgs4yjkcml99fkqcqz4r8arPublished at
2024-02-20 19:35:30Event JSON
{
"id": "3f8362259f83c22a6450ee717aa18dc1c578ca7447e893827cdda8895c216321",
"pubkey": "9e1bd05ed41e7aa2dda1e9b64b8ba48b69bb0fab5a22d442a495b1bf94a9b030",
"created_at": 1708454130,
"kind": 1,
"tags": [
[
"p",
"3356de61b39647931ce8b2140b2bab837e0810c0ef515bbe92de0248040b8bdd",
"",
"mention"
],
[
"p",
"3bf0c63fcb93463407af97a5e5ee64fa883d107ef9e558472c4eb9aaaefa459d",
"",
"mention"
],
[
"e",
"6a3aea01827d6cec3ab15d78660e0f8fd88db70ac2b2b6a399466fa16994015d",
"wss://relay.snort.social/",
"root"
],
[
"e",
"1954c0c8cdc1c812ac538283a646e989fe590192adefc37a7b949141c83e97a1",
"",
"reply"
],
[
"p",
"9e1bd05ed41e7aa2dda1e9b64b8ba48b69bb0fab5a22d442a495b1bf94a9b030",
"",
"mention"
],
[
"p",
"3bf0c63fcb93463407af97a5e5ee64fa883d107ef9e558472c4eb9aaaefa459d",
"",
"mention"
]
],
"content": "thanks nostr:npub1xdtducdnjerex88gkg2qk2atsdlqsyxqaag4h05jmcpyspqt30wscmntxy I will check the nip46 discussion. I am curious to see what is the \"question\" around the callback_url. \n\nIf oauth flows work perfectly with no popups/iframe/modals, I am positive we can build that way as well. \n\nAnd I do not advocate for removal of the input field, I say that as we have 1/2 providers now, having a click-click solution that just work is a good idea, rather than forcing user to insert the \"email\" all the time. \n\nAnd nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6 yes there has been a time that we had 40 oauth providers and a couple \"bind-them-all\" buttons... And almost all were doing the popup thing. It was even cool. The early Web2.0 era. \n\nBut what about oauth now? Most website offer 2/3 oauth + email field, and all oauth-flow are pure redirects. Because offers consistent navigation (impossible with popups), does not require to load resources from external websites (which is a bit NO for me both as user and developer), and I think a more clear UI and probably more secure overall. \n\nAlso we do not have 68 now, or even 6. We have 1, maybe 2. Designing for 68 is not future proof, is over-engineering.\n\nOk, thanks for listening guys really appreciate the conversation. Now I'll go back to damn frontend testing setup - the hardest thing of hard things 😉 \n",
"sig": "356617f89c832bc0a4289b37a429a0ac12868d9057ea76216e5a0f7cd511e8fe671bb24a5e3c64b92eedcb840a5bd399628909687b9caf487c8bbd44c2ca44d2"
}