A while ago I posted a thread back on the
spoiler
spez
::: website, with a personal opinion on why the Fediverse seems a bit complicated. It basically goes like this: Mastodon (and pretty much every Fediverse project out there) is based on the idea of using multiple websites.
This is not really a problem on the desktop, as you’re using the browser to log in to the Fediverse. You go to mastodon.social or lemmy.world, maybe bookmark these, and you log in as normal (if you do not check the remember me option at login). Same goes with Facebook, with Xitter, with the
spoiler
spez
::: website etc.
Alright, but the newer generations (not everyone, but many folks part of them) rather use apps instead. And what do these apps do? Present a login screen with fields only for the username and the password (at most).
What are the Fediverse apps doing? They are also asking for the website where they would log you in. So you go open e.g. the Mastodon app, then type the website that you need to access (which in many cases it might not contain the word Mastodon in it), and only then you can enter the credentials.
What am I asking now (especially app developers): Wouldn’t it be better (if doable) to take some cues on how actually email (and XMPP for that matter) works, and ask the user for the username and the password instead in one go?
Like, everyone knows how to use email, everyone is familiar with that. And as I mentioned, XMPP is also doing it as well:
Wouldn’t it be doable?
So who stores the login information? This is fundamentally the question here.
If you store it centrally you only need to ask for username/password combo.
But then someone needs to store it at a central location for everyone to check against.
If it’s not centralized than the user needs to provide it
Email has a hidden trick up its sleeve and that’s the domain name. In order for an email to be valid, the domain name must contain email info on its DNS records. There’s where you can imply knowledge about where the email/message is to go.
But here in lemmy, my email is just Gmail. There’s no way to find the information on where authentication could be located. Which brings me back to the top of centralization vs decentralization.
Wouldn’t it be better (if doable) to take some cues on how actually email (and XMPP for that matter) works, and ask the user for the username and the password instead in one go?
I have to give my email app a lot more information than a username and password. So I’m not sure what you’re envisioning.
I don’t know enough about the fediverse or Lemmy code to say how easy or hard this would be to implement but if we’re logging in with the username noogs@lemmy.noogs.me for example, it’s reasonable for the app to assume the server is located at lemmy.noogs.me and it can derive the likely URL of https://lemmy.noogs.me from that. The only case this wouldn’t work is if your instance is running on a port other than 443 because then we need some way to tell the app what the port should be.
Email (or at least Microsoft Exchange email) uses a protocol called autodiscover for this which uses DNS to tell an email client where to get connection information from, it then polls that URL for the information and configures the email client automatically. Using a similar DNS based approach may be useful as well.
I’d agree. Either have a “Register” link that leads you to a website explaining how to choose an instance and register there. Or maybe a drop-down menu with choices of instances and you can put in custom text if your instance isn’t amongst the defaults. That’s certainly not ideal as it prefers some instances over others, but maybe okay. Regardless, the onboarding process could be easier.
(And do away with the passwords, I think they’re an annoying concept and should go away for good in the future.)
