this post was submitted on 25 Apr 2024
23 points (78.0% liked)

Fediverse

28406 readers
485 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 1 year ago
MODERATORS
 

A while ago I posted a thread back on the

spoiler
spez
website, with a personal opinion on why the Fediverse seems a bit complicated. It basically goes like this: Mastodon (and pretty much every Fediverse project out there) is based on the idea of using multiple websites.

This is not really a problem on the desktop, as you're using the browser to log in to the Fediverse. You go to mastodon.social or lemmy.world, maybe bookmark these, and you log in as normal (if you do not check the remember me option at login). Same goes with Facebook, with Xitter, with the

spoiler
spez
website etc.

Alright, but the newer generations (not everyone, but many folks part of them) rather use apps instead. And what do these apps do? Present a login screen with fields only for the username and the password (at most).

What are the Fediverse apps doing? They are also asking for the website where they would log you in. So you go open e.g. the Mastodon app, then type the website that you need to access (which in many cases it might not contain the word Mastodon in it), and only then you can enter the credentials.

What am I asking now (especially app developers): Wouldn't it be better (if doable) to take some cues on how actually email (and XMPP for that matter) works, and ask the user for the username and the password instead in one go?

Like, everyone knows how to use email, everyone is familiar with that. And as I mentioned, XMPP is also doing it as well:

Gajim account login screen

Wouldn't it be doable?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 8 points 6 months ago (1 children)

So who stores the login information? This is fundamentally the question here.

If you store it centrally you only need to ask for username/password combo.

But then someone needs to store it at a central location for everyone to check against.

If it’s not centralized than the user needs to provide it

Email has a hidden trick up its sleeve and that’s the domain name. In order for an email to be valid, the domain name must contain email info on its DNS records. There’s where you can imply knowledge about where the email/message is to go.

But here in lemmy, my email is just Gmail. There’s no way to find the information on where authentication could be located. Which brings me back to the top of centralization vs decentralization.

[–] [email protected] 3 points 6 months ago (1 children)

What I understand the idea is to ask you to enter [email protected] in the username, and your lemmy.world password.

What I understand is happening (from the comment, because I don't use apps) is that the app first expects you to choose lemmy.world in a list, and then asks you about your name and password.

Honestly, I have no idea what is easier for anybody. Both seem very equivalent to me. Also equivalent would be asking the server, username and password on the same screen.

[–] [email protected] 3 points 6 months ago* (last edited 6 months ago)

To be fair, I use Summit and it just gives you one login box with a drop-down menu that has all of the major instances in it. I think it's an implementation issue more than a design issue