Lemmy

13648 readers

11 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.

founded 5 years ago

MODERATORS

nutomic@lemmy.ml

Could a "login with lemmy" replace all the login with Google/Facebook we see everywhere? (lemmy.fbmac.net)

submitted 2 years ago by fbmac@lemmy.fbmac.net to c/lemmy@lemmy.ml

18 comments fedilink hide all child comments

I love the convenience of not having to create a password everywhere I need to be authenticated. It would be interesting to be able to use lemmy instead of feeding more information to these big corporations.

you are viewing a single comment's thread
view the rest of the comments

[–] poVoq@slrpnk.net 20 points 2 years ago* (last edited 2 years ago) (5 children)

No, because Lemmy doesn't support Oauth2 yet. And even if it would support it, at most it could be a "login with lemmy.ml" or similar instance specific button as the protocol requires a specific endpoint.

Edit: see other comment in this thread. With the OIDC discovery extension to OAuth2 it might be possible, but I haven't seen that feature being used this way in the wild yet.

[–] fbmac@lemmy.fbmac.net 3 points 2 years ago (4 children)

when you type poVoq@slrpnk.net I already know what instance you're from

[–] poVoq@slrpnk.net 10 points 2 years ago* (last edited 2 years ago) (3 children)

Yes, but that is not how Oauth2/OIDC works (the old OpenID did, but it has been largely abandoned).

One of the reason this approach was abandoned is that these external login automations are very easily abused for spam if you allow arbitrary instances as the auth endpoint.

[–] fbmac@lemmy.fbmac.net 0 points 2 years ago* (last edited 2 years ago)

you could accept logins only from instances that have enough trust on fediseer, I think this would work better than the old openid

load more comments (2 replies)