John Siracusa
π€ SpeakerAppearances Over Time
Podcast Appearances
You put in a username and password, and if it's not HTTPS, it sends them in clear text.
yeah yeah i mean anyway it's very primitive but i said like and that's that's fine but like it just bothered me it's like it was what is this the 1990s i'm using hdb basic auth in 2025 i just felt wrong and i had just added pass keys to atp that i found honestly basic auth okay for whatever it's worth sorry basic auth over https is not that bad
I know, I know, I know.
I'm just saying, anyway.
Okay, sorry.
Why don't I add a Passkey-based account system to my status board website?
I've already, like, Cloud Code has already shown me that it can do it in PHP, no less.
It should be easy to do it in Node, because that's, like, an actual implementation with, like, real libraries and stuff.
It should be a snap.
Like, there's a million examples.
Like, this is the thing Cloud Code should knock out of the park.
And then I had to decide, like, okay, well, how should an account system work on, like, a personal tool website that's only supposed to be accessible to me?
And I had to go through, like, it's like really weird.
So first of all, you know, status board, its persistence layer is essentially, it's R2, essentially S3.
Everything is in JSON files in S3.
There's no database.
It's just, you know, because the data volumes are minuscule, nothing ever, like, that's it.
That's its data storage.
Same thing with the account system.
Like, okay, well, that's fine.