There is a standard called IndieAuth, which allows logging on to websites using your own website. It’s based on OAuth 2.0, and uses your own URL as canonical identity, replacing the username.
Interpersonal is an IndieAuth endpoint for my static site. Perhaps it’ll be useful to others as well.
My main goal was to support IndieAuth but keep my statically-generated blog hosted where it is. IndieAuth requires server-side logic, but server-side logic requires more maintenance and can be the source of security issues. I want to make sure that even if my server-side code breaks and I don’t have time to fix it quickly, my actual site content will stay up.
- Build Interpersonal into a pluggable, generic connector the IndieWeb. I want it to be well-suited to static sites, but it would work just as well for dynamic sites that don’t provide an IndieAuth endpoint of their own.
- Document and provide examples for different hosting scenarioes. I use Apache and WSGI because it’s already in production for me and I’m familiar with it. It could also be hosted on a shared hosting site like Dreamhost, in Docker, behind nginx or waitress, etc.
- Support micropub, which would mean support for posting to my blog, which would mean supporting committing to git using the GitHub API. I’d like to make this generic too, and allow pluggable posting modules, but I’m not sure how that would work yet.
- Accept Webmention on my own blog.
It’s very “boring” – Python 3, Flask, WSGI, SQLite, behind Apache. SQLite is well suited for this, and I don’t even need to make any backups – the database contains only tokens, and if they are lost you will simply have to re-authorize them.
You might also take some inspriation with how I deploy it to my own server using Ansible.
Currently I’m calling this an alpha release, although I am actually using it on my own site.