Recent searches
Search options
A little late because it was the kids' birthday yesterday, this month's Stack Report, some thoughts on Django Core.
https://buttondown.com/carlton/archive/thoughts-on-djangos-core/ #Django #TheStackReport
@carlton unsurprisingly well said. Particularly agree with not tying Django to any frontend framework. I’ve been considering rewriting some of the admin JS to be framework (jQuery) free because that feels more future proof.
I wonder of the right next thing to add to auth is passkey support. Those supersede the need for MFA and there’s one interface to deal with vs many different MFA providers.
@d ah, passkeys. Not sure about that one. I KEEP reading that the implementation has betrayed the promise, so I’m postponing judgment there.
I’m pretty sure we should be able to do (say) a TOTP solution (with maybe an interface contract in the Django way) or something in core ourselves. 
(Have notes for a proposal here that might see daylight next year.)
@carlton I get the hesitation. But the JavaScript interface is also the way to support FIDO keys so would be useful either way. Either way, the contract system would be the way to go.
@carlton@fosstodon.org@d Sure! Current status: IDK 
But this might be the perfect case-study... — there are several good community solutions here.
Q: Are we able to point to them in such a way that isn't susceptible to the upkeep, rot, and politics issues, but still feels *recommended* enough to be *batteries included*?
I'm not sure what the answer is, but that feels to me to be the circle to be squared. (As it is for MFA so it is for many other features.)
As I say: Current status: IDK