I’ve made an app that makes it possible to schedule a post in Lemmy at an arbitrary time. It’s available at https://schedule.lemmings.world and can be used by people from any instance.
Let me know what you think!
P.S. This post was made using the app!
Edit: And it’s open source!
You must log in or register to comment.
Thank you for the website! Are you plañing to add the option to post pictures as well ?
Not currently, no. You can post pictures by uploading it somewhere first and then using it as a link.
If more people use it and want that feature I’ll consider it, but so far it’s not planned.
I agree that this is a feature Lemmy lacks and would be great to have in the core. And thank you for taking the time to create it. However, asking for username and password is a security problem. I’m not attributing any ill intent to your work, but something like this can very well be used to harvest account credentials. So I would advise people to not use solutions like this.
Unfortunately Lemmy doesn’t provide a better way to implement this kind of add-ons. Hopefully one day it will have a better Auth system. Until then, I think I will stick to the official UI and hope that this will come to core :)
I mean, if you use an app, or alternative Lemmy UI, you give it the same access. The minute Lemmy supports OAuth, I’m switching to it. Until then there’s no other way.
It’s open source if it’s any help.
That’s the main reason I don’t use any apps. I don’t think there is a real need to suspect the official UI. If one doesn’t trust the instance admins, then they should rather migrate.
In case of an application running on a server, there is no reliable way to make sure that the source being shared is the source that is deployed. As I said, I don’t think you have any ulterior motives. I’m only trying to raise awareness around a specific problem with Lemmy. Perhaps I should create a separate post about this in relevant communities, if it hasn’t been done already.
Perhaps. Hopefully OAuth is supported soon. Don’t get me wrong, I’m not particularly fond of having access to people’s credentials as well because if I make a mistake and accidentally leak anything, a shitstorm awaits me.
It’s open source if it’s any help.
Hmm.
You’ve made a good tool, but perhaps are conducting in the wrong marketing? If this tool were say, an easy-to-use Rasp. Pi and/or docker image that will post at the appropriate times, then it might avoid that issue?
Then again, I see the advantage of your web-centered approach. Eventually OAuth will be a thing for Lemmy, I’m sure, and then the workflow for a web tool like this would be perfect. Username/password is strictly a temporary measure until Lemmy matures and gets OAuth features.
Well, it’s possible to self-host. Someone offered they will create a docker image for it.
Note that with OAuth nothing much will change - the app will still have access to the JWT token which is used to impersonate you. And that I don’t do anything with the password you can see already in the source code:
- Here’s the login controller
- Here’s the authenticator that intercepts the http request when logging in
- The authenticator passes the password to API factory
- The factory passes it to the api library
- That finally passes it to the http request against Lemmy api and that’s pretty much it (the http uses Symfony, a very respectable and widely used framework)
- Nowhere else is the password used
Note that with OAuth nothing much will change - the app will still have access to the JWT token which is used to impersonate you.
The user will have the option to revoke access for your application.
True, forgot about that.
deleted by creator
