-
Notifications
You must be signed in to change notification settings - Fork 2
/
notes.txt
99 lines (76 loc) · 2.83 KB
/
notes.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
status loop
save doc with schema that can be displayed:
twitter name && couchdb user name.
if twitter name == configured twitter acct && username == current logged in user, then we push it.
want to take care that someone else can't force a tweet by writing docs to your local db, then they get configured to push to twitter when it comes back online.
validate that only owners may write docs with needstweet = true?
additional schema
twebz :
state : sent | unsent | sending
state_at : time()
acct : {
service : twitter,
name : jchris
},
signature : hmac(),
install:
/* create twebz database*/
setup screen
first check to see if site needs setup!
site setup:
create twebz user
put twebz user password in config.json
create twebz-config database only twebz user can read
prompt for user to setup twitter app keypair
if user is setup
main-page (if admin, link to pending users)
else
add-to-list
if user is admin
pending users
else
wait for admin
now check to see if user needs setup:
user setup:
prompt to create twebz-private-username database
ensure user is admin
(this could be skipped by giving the twebz bot admin creds)
grant access to private-db to node script
(user: twebz, password: uuid)
save uuid in private db
link twitter accounts and save creds in private-db
prompt to run twebz-node script
(can we use externals API to provide uuid to node script?)
link twitter account(s) to couchdb account
user stores a start-link-account document to the twebz db
in state "request"
user subscribes to _changes on the user db
twebz-bot gets a request-token and makes it available in the user-db,
sets the link_account doc state to "working"
twebz-bot subscribes to the user-db _changes until oath complete (w timeout)
user loads the token, marks it as used, and uses it to redirect to the twitter authorize page
user authorizes and is redirected back to the app
app updates user-db request token document with 'go'
user subscribes to user-db _changes
twebz-bot uses request-token document to get access token, updates token doc with access token, user_id, and screen_name
active state!
ability to link more states
ability for admin to setup new users
ability for user to request new setups.
option to send each tweet as any linked account
required for twebz to post to twitter:
twitter creds for tacct x are in private db for cacct
pretweet has tacct and cacct + content signed with shared secret hmac
docids need to be deterministic across nodes or else we get dup tweets
if twebz initiated, docid is couchdb id
if else, docid is twitter id.
if twebz initiated remotely, and pushed through twitter before replicated
twitter
chweet
twebz
chwitter
chweet
chweb
status couch
stouch
cotweet