In true dansup fashion, I overengineered the Loops Invites feature. So, to prevent enumeration, we require a captcha before validating the invite key (if you have captchas enabled, which you should) Then we verify the invite key securely (preventing timing attacks) after a 3-5 second delay, and rate limit requests by IP. Then we create a session token which is used in subsequent requests (like username availability/age gate) And expires in 15 minutes. There is more, but that's the gist 😎
oh dang, @stux⚑ did you know gram.social is more active than mstdn.social?? Pixelfed is really thriving ✨ Source: https://fedidb.com/servers image
It's sad to see instances shut down without warning, I'm working on a short term and long term plan The short term plan: Personal Archive Node (PAN) - The Mini-PDS PAN will work with Pixelfed, Loops, Mastodon and other projects, and you can self-host or use a trusted PAN server, giving you peace of mind knowing *most* of your data is easily recoverable + migratable to another server, should you ever need it ✨ The long term plan: Personal Data Vault (PDV) - DID Layer for ActivityPub #soon #ap
I built a fediverse onboarding tool, powered by FediDB and CommunityDB. It's open source, and I'd love more help! https://fedidb.com/welcome Source:
GitHub
fedidb-nuxt/pages/welcome/index.vue at main Β· fedidb/fedidb-nuxt
the next generation frontend for FediDB.com. Contribute to fedidb/fedidb-nuxt development by creating an account on GitHub.
 CommunityDB:
GitHub
GitHub - fedidb/communityDB: Human curated fediverse data
Human curated fediverse data. Contribute to fedidb/communityDB development by creating an account on GitHub.
 #Fediverse #FediDB #Onboarding