zzstoatzz.io / ken
fuzzy find my records ken.waow.tech
embeddings pds search
6
fork

Configure Feed

Select the types of activity you want to include in your feed.

ken / TODO.md
at main 1.5 kB view raw view code
zzstoatzz add design notes + TODO for multi-account, settings, profile record
b072d6fe

ken — next up#

multi-account + settings + profile record#

design notes: notes/multi-account-and-settings.md

what#

  • write a tech.waow.ken.profile/self record on first sign-in so indexers can discover ken users
  • consolidate all PDS record management (profile, pack, scopes) into a settings panel
  • multi-account support: link accounts, switch without re-auth, per-account indexes
  • scope management: user-selectable at login, progressive escalation (pdsls pattern)

reference#

  • pdsls (tangled.org/pds.ls/pdsls): scope selector UI, PermissionButton pattern, account manager modal
  • plyr.fm (sibling repo): group_id session linking, server-side account switching, logout modal

order of work#

  1. lexicons: tech.waow.ken.profile, tech.waow.ken.optout
  2. backend: profile read/write on sign-in, settings endpoints, scope storage
  3. frontend: settings panel, move pack actions out of meta line
  4. backend: group_id on sessions, add-account/switch-account endpoints
  5. frontend: account menu in nav, multi-account switching

context the next engineer needs#

  • ken is a zig HTTP server (0.16-dev) with a vanilla JS SPA (single main.js, no framework)
  • all state is in-memory (state.zig) — no database, PDS is the only persistence
  • session cookies are now random tokens mapped to DIDs (shipped this session, 921fefe)
  • OAuth uses zat for atproto primitives, DPoP-bound tokens, PKCE
  • the session token fix also needs to be propagated to pollz (same vulnerability)