#webauthn

14 posts · 8 participants · 0 posts today
Continued thread

Added the start of the Stripe integration! Tomorrow, let's start updating the account datastore to account for the new fields and indexes. See you then!

🔜 Tomorrow’s stream: youtube.com/live/4W2Qv0hZWD4
⏮️ Playlist so far: youtube.com/playlist?list=PLRx
📲 Download Jiiiii: apps.apple.com/app/apple-store

Continued thread

Got a better understanding of Stripe subscriptions, and updated my list with more line items to work on 😅 Tomorrow let's start integrating it? Maybe? See you then 😅

🔜 Tomorrow’s stream: youtube.com/live/trTsCJeXzRk
⏮️ Playlist so far: youtube.com/playlist?list=PLRx
📲 Download Jiiiii: apps.apple.com/app/apple-store

Continued thread

Successfully dove into Stripe integration by… making a long list of things to work on 😅 Tomorrow let's start with the easiest of those, and start linking to the checkout page. See you then!

🔜 Tomorrow’s stream: youtube.com/live/Y1h6AWUu2I8
⏮️ Playlist so far: youtube.com/playlist?list=PLRx
📲 Download Jiiiii: apps.apple.com/app/apple-store

Continued thread

I'm making a seasonal anime guide app, in the open for all to experience and learn from.

I set up a Stripe account off screen, so let's dive into the documentation to learn how to integrate it!

#Jiiiii #DevStream #tvOS #visionOS #macOS #iOS #iPadOS #Anime #SwiftLang #SwiftUI #Vapor #WebAuthn #BuildInPublic #TestFlight #PWA #WebPush

Come chill with me: youtube.com/live/fYuMw59Xo_M

Continued thread

Finished up the search page, which means it's finally time… time to work on payments on the web 😅 Tomorrow let's jump into figuring out Stripe, unless I find something else to distract myself with. See you then!

🔜 Tomorrow’s stream: youtube.com/live/fYuMw59Xo_M
⏮️ Playlist so far: youtube.com/playlist?list=PLRx
📲 Download Jiiiii: apps.apple.com/app/apple-store

Continued thread

Just pushed out search over at jiiiii.moe/search! I still have a few loose bits to fix, but wanted to get a version out for broader testing. Tomorrow let's polish it up. See you then!

🔜 Tomorrow’s stream: youtube.com/live/sQTfbFK6keQ
⏮️ Playlist so far: youtube.com/playlist?list=PLRx
📲 Download Jiiiii: apps.apple.com/app/apple-store

Continued thread

I'm making a seasonal anime guide app, in the open for all to experience and learn from.

Let's break up the indexing operation across multiple run loop cycles, and start showing results in the UI!

#Jiiiii #DevStream #tvOS #visionOS #macOS #iOS #iPadOS #Anime #SwiftLang #SwiftUI #Vapor #WebAuthn #BuildInPublic #TestFlight #PWA #WebPush

Come chill with me: youtube.com/live/4PpI02pHXfw

Continued thread

Had a great time building an in-memory index directly in the browser for instant search! Tomorrow, let's show results in the UI, and take a look at using service workers(?) to offload indexing to another thread. See you then!

🔜 Tomorrow’s stream: youtube.com/live/4PpI02pHXfw
⏮️ Playlist so far: youtube.com/playlist?list=PLRx
📲 Download Jiiiii: apps.apple.com/app/apple-store

Replied in thread

@fleaz : it's not MultiMultiFactorAuthentication but 1FA max.

Assuming that you don't use those hardware keys to generate TOTP codes (which are pointless when confronted with the likes of #Evilginx2), but use WebAuthn instead (FIDO2 passkeys in hardware keys), everything depends on one factor: the domain name of the website.

1️⃣ DV-CERTS SUCK
It is not very common that certificates are issued to malicious parties, but it *does* happen now and then (infosec.exchange/@ErikvanStrat).

2️⃣ SUBDOMAINS
Furthermore, sometimes organizations have "dangling" subdomain names. For example,

test.example.com

may point to the IP address of some cloud server no longer used by example.com. Anyone with write access to that server may install a fake "test.example.com" website and phish you to it. It *may* be used to phish your WebAuthn credentials *if* "example.com" does not explicitly *DENY* WebAuthn from "test.example.com".

See github.com/w3ctag/design-revie for how Google prevents "sites.google.com" from authenticating to "google.com".

3️⃣ DNS HACKED
It may not be necessary to execute BGP-hijacks to redirect network traffic to an impostor: it also all depends on how reliably DNS records are protected against unauthorized access. If the dude in charge of DNS uses a stupid password only, or the DNS provider is easily fooled into believing "I forgot my creds", it's game over. The crooks will obtain a DV-cert in no time, no questions asked, for free.

4️⃣ All the bells and whistles are moot if there's an alternative way to log in (such as by using a 1FA rescue code) and the user is fooled into providing it (after they've been lied to that their WebAuthn public key on the server became corrupted or was lost otherwise).

5️⃣ Cloudflare MitM's https connections (it's not a secret: blog.cloudflare.com/password-r). The same applies to any server you log in to, which is accessible by untrustworthy personnel. They can steal your session cookie.

6️⃣ In the end MFA/2FA is a hoax anyway, because the session cookie (or JWT or whatever) is 1FA anyway.

Did I mention the risks of account lockout with hardware keys that cannot be backed up? And the mess it is to keep at least one other hardware key synchronized if it's in a vault? And the limitation of, for example, 25 WebAuthn accounts max? And (unpatchable) vulnerabilities found in hardware keys? And their price? And how easy it is to forget or lose them?

@odr_k4tana

Link preview (Infosec Exchange, Erik van Straten @ErikvanStraten@infosec.exchange):

🌘DV-CERT MIS-ISSUANCE INCIDENTS🌒 🧵#3/3
Note: this list (in reverse chronological order) is probably incomplete; please respond if you know of additional incidents!

2024-07-31 "Sitting Ducks" attacks/DNS hijacks: mis-issued certificates for possibly more than 35.000 domains by Let's Encrypt and DigiCert: https://blogs.infoblox.com/threat-intelligence/who-knew-domain-hijacking-is-so-easy/ (src: https://www.bleepingcomputer.com/news/security/sitting-ducks-dns-attacks-let-hackers-hijack-over-35-000-domains/)
2024-07-23 Let's Encrypt mis-issued 34 certificates, revokes 27 for dydx.exchange: see 🧵#2/3 in this series of toots
2023-11-03 jabber.ru MitMed/AitMed in German hosting center https://notes.valdikss.org.ru/jabber.ru-mitm/
2023-11-01 KlaySwap and Celer Bridge BGP-hijacks described https://www.certik.com/resources/blog/1NHvPnvZ8EUjVVs4KZ4L8h-bgp-hijacking-how-hackers-circumvent-internet-routing-security-to-tear-the
2023-09-01 Biggest BGP Incidents/BGP-hijacks/BGP hijacks https://blog.lacnic.net/en/routing/a-brief-history-of-the-internets-biggest-bgp-incidents
2022-09-22 BGP-hijack mis-issued GoGetSSL DV certificate https://arstechnica.com/information-technology/2022/09/how-3-hours-of-inaction-from-amazon-cost-cryptocurrency-holders-235000/
2022-09-09 Celer Bridge incident analysis https://www.coinbase.com/en-nl/blog/celer-bridge-incident-analysis
2022-02-16 Crypto Exchange KLAYswap Loses $1.9M After BGP Hijack https://www.bankinfosecurity.com/crypto-exchange-klayswap-loses-19m-after-bgp-hijack-a-18518

🌘BACKGROUND INFO🌒
2024-08-01 "Cloudflare once again comes under pressure for enabling abusive sites" (Dan Goodin - Aug 1, 2024) https://arstechnica.com/security/2024/07/cloudflare-once-again-comes-under-pressure-for-enabling-abusive-sites/
2018-08-15 Usenix-18: "Bamboozling Certificate Authorities with BGP" https://www.usenix.org/conference/usenixsecurity18/presentation/birge-lee

Edited 2024-09-05 14:19 UTC: corrected the link for the "jabber.ru" incident.

#DV #LE #LetsEncrypt #Certificates #Certs #Misissuance #Mis_issuance #Revocation #Revoked #Weaknessess #WeakCertificates #WeakAuthentication #Authentication #Impersonation #Identification #Infosec #DNS #DNSHijacks #SquareSpace #Authorization #UnauthorizedChanges #UnauthorizedModifications #DeFi #dydx_exchange #CryptoCoins

#1FA #2FA #MFA
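An added example (not from any post above) of the server-side counterpart to point 2️⃣: a relying party that verifies the clientDataJSON `origin` against an exact allowlist, so a credential scoped to the RP ID `example.com` is refused when the ceremony was run from `test.example.com`, together with the rpIdHash check on authenticatorData. `ALLOWED_ORIGINS`, `RP_ID` and the sample client data are constructed for illustration and stand in for a real deployment's values.

```python
import base64
import hashlib
import hmac
import json

# Exact-match allowlist of origins permitted to complete a ceremony for this RP.
# A credential scoped to RP ID "example.com" is usable from any subdomain, so
# this origin check is where a server refuses "https://test.example.com".
ALLOWED_ORIGINS = {"https://example.com", "https://login.example.com"}  # constructed
RP_ID = "example.com"  # constructed

def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def verify_client_data(client_data_b64: str, expected_challenge: bytes, ceremony: str):
    """Check the clientDataJSON fields that must pass before any signature
    check: type, challenge and origin. Returns (ok, reason)."""
    try:
        data = json.loads(b64url_decode(client_data_b64))
    except ValueError:  # bad base64url, bad UTF-8 or bad JSON
        return False, "clientDataJSON is not valid base64url JSON"
    if not isinstance(data, dict) or data.get("type") != f"webauthn.{ceremony}":
        return False, "unexpected clientDataJSON type"
    if data.get("challenge") != b64url_encode(expected_challenge):
        return False, "challenge mismatch (replay or wrong session)"
    origin = data.get("origin")
    if origin not in ALLOWED_ORIGINS:
        return False, f"origin {origin!r} not in allowlist"
    return True, "ok"

def rp_id_hash_matches(authenticator_data: bytes) -> bool:
    """The first 32 bytes of authenticatorData are SHA-256(rpId)."""
    expected = hashlib.sha256(RP_ID.encode()).digest()
    return hmac.compare_digest(authenticator_data[:32], expected)

def make_client_data(origin: str, challenge: bytes, ceremony: str = "get") -> str:
    """Constructed sample clientDataJSON, shaped as a browser would emit it."""
    body = {"type": f"webauthn.{ceremony}", "challenge": b64url_encode(challenge), "origin": origin}
    return b64url_encode(json.dumps(body).encode())

def make_authenticator_data(rp_id: str) -> bytes:
    """Constructed sample: rpIdHash followed by a flags byte (UP|UV set)."""
    return hashlib.sha256(rp_id.encode()).digest() + b"\x05"
```

A registration ceremony uses `ceremony="create"` with the same checks; the signature verification that follows is only meaningful once these fields have passed.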
Continued thread

Got started on the search page on the web. Tomorrow, let's start loading and indexing show information so search can happen. See you then!

🔜 Tomorrow’s stream: youtube.com/live/xX0-fBbjnJw
⏮️ Playlist so far: youtube.com/playlist?list=PLRx
📲 Download Jiiiii: apps.apple.com/app/apple-store

Continued thread

The first pass of the history tab is now live at jiiiii.moe/lists! I have more plans for it, but this unblocks me to start working on things like search and membership payments. See you tomorrow!

🔜 Tomorrow’s stream: youtube.com/live/AG4W78sv_Uw
⏮️ Playlist so far: youtube.com/playlist?list=PLRx
📲 Download Jiiiii: apps.apple.com/app/apple-store

Continued thread

I'm making a seasonal anime guide app, in the open for all to experience and learn from.

Had to prep an emergency release yesterday because I found out I broke marking episodes as watched on iPhone 😅 Anywho, let’s start getting history entries showing up on the web!

#Jiiiii #DevStream #tvOS #visionOS #macOS #iOS #iPadOS #Anime #SwiftLang #SwiftUI #Vapor #WebAuthn #BuildInPublic #TestFlight #PWA #WebPush

Come chill with me: youtube.com/live/pGzyVbS8TX0

Continued thread

Taking another short day today, but managed to load history and think through more next steps. Tomorrow, let's get the episode thumbnails refactored into a module and rendered out. See you then!

🔜 Tomorrow’s stream: youtube.com/live/pGzyVbS8TX0
⏮️ Playlist so far: youtube.com/playlist?list=PLRx
📲 Download Jiiiii: apps.apple.com/app/apple-store
