New UI Alternatives

After looking at our UI for a while I thought, someone will have created something special for Lemmy already. So I opened our development server, told it to get the bag rolling and investigated all the apps people have created.

Have a play around, all should be up and working. If there are other apps, ideas, or ways you think reddthat could be better please let me know!

Enjoy 😃

P.S. External UIs are a security issue

I would like to let everyone know that if you are using an external non-reddthat hosted UI (such as wefwef.app for example) you have given them access to full use of your account.

This happens because Lemmy checks for new notifications by performing GET requests via the api with the cookie in the URL field. https://instance/api/v3/user/unread_count?auth=your-authentication-cookie-here. This URL shows up in the logs of the third-party user interface. So if the third party was nefarious, they could look at their logs and get your cookie. Then they can login to your account or perform any requests.

So please only use the Reddthat user-interfaces as listed here & the main sidebar.
(If you are worried, you can log out of the thirdparty website, which will invalidate your cookie).

Tiff

https://old.reddthat.com

https://alexandrite.reddthat.com

https://photon.reddthat.com

https://voyager.reddthat.com

PS. I really like alexandrite.

  • @[email protected]
    link
    fedilink
    English
    31 year ago

    Hey, I just noticed the names and domains were swapped for them. The photon one says powered by Alexandrite, and the alexandrite one says powered by Photon. Had me confused for a second when adding bookmarks in my browser. Below is a screenshot to see

    • TiffOPM
      link
      fedilink
      English
      4
      edit-2
      1 year ago

      !?!?!?!? That is hilarious.
      I have no idea why that’s happening (yet). For whatever reason they are being directed to the wrong container… I did some magic which allows me to abstract some logic:

      Web -> nginx container > check which web address it is > forward to container with same name.

      This allowed me to scale out containers and add new services (more UI apps) without having to update a huge amount of webserver logic. Seems it’s bitten in right on the side.

      Enjoy the phorite and the alexton for the time being!

      I need copious amounts of coffee and to not be caught in meetings all day :( . I’ll probably get to look at it around 9-10 UTC

      Edit: I said fuckit and restarted the front-end services, and it’s back working. I’ll investigate what went wrong later on. Now to find coffee!

    • TiffOPM
      link
      fedilink
      English
      41 year ago

      PS. I figured out what was happening! They shouldn’t cause any more issues