I’ve made an app that makes it possible to schedule a post in Lemmy at an arbitrary time. It’s available at https://schedule.lemmings.world and can be used by people from any instance.

Let me know what you think!

P.S. This post was made using the app!

Edit: And it’s open source!

  • canpolat@programming.dev
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    edit-2
    1 year ago

    I agree that this is a feature Lemmy lacks and would be great to have in the core. And thank you for taking the time to create it. However, asking for username and password is a security problem. I’m not attributing any ill intent to your work, but something like this can very well be used to harvest account credentials. So I would advise people to not use solutions like this.

    Unfortunately Lemmy doesn’t provide a better way to implement this kind of add-ons. Hopefully one day it will have a better Auth system. Until then, I think I will stick to the official UI and hope that this will come to core :)

    • Rikudou_Sage@lemmings.worldOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      I mean, if you use an app, or alternative Lemmy UI, you give it the same access. The minute Lemmy supports OAuth, I’m switching to it. Until then there’s no other way.

      It’s open source if it’s any help.

      • canpolat@programming.dev
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        That’s the main reason I don’t use any apps. I don’t think there is a real need to suspect the official UI. If one doesn’t trust the instance admins, then they should rather migrate.

        In case of an application running on a server, there is no reliable way to make sure that the source being shared is the source that is deployed. As I said, I don’t think you have any ulterior motives. I’m only trying to raise awareness around a specific problem with Lemmy. Perhaps I should create a separate post about this in relevant communities, if it hasn’t been done already.

        • Rikudou_Sage@lemmings.worldOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Perhaps. Hopefully OAuth is supported soon. Don’t get me wrong, I’m not particularly fond of having access to people’s credentials as well because if I make a mistake and accidentally leak anything, a shitstorm awaits me.

      • dragontamer@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        edit-2
        1 year ago

        It’s open source if it’s any help.

        Hmm.

        You’ve made a good tool, but perhaps are conducting in the wrong marketing? If this tool were say, an easy-to-use Rasp. Pi and/or docker image that will post at the appropriate times, then it might avoid that issue?

        Then again, I see the advantage of your web-centered approach. Eventually OAuth will be a thing for Lemmy, I’m sure, and then the workflow for a web tool like this would be perfect. Username/password is strictly a temporary measure until Lemmy matures and gets OAuth features.

        • Rikudou_Sage@lemmings.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Well, it’s possible to self-host. Someone offered they will create a docker image for it.

          Note that with OAuth nothing much will change - the app will still have access to the JWT token which is used to impersonate you. And that I don’t do anything with the password you can see already in the source code:

          • canpolat@programming.dev
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Note that with OAuth nothing much will change - the app will still have access to the JWT token which is used to impersonate you.

            The user will have the option to revoke access for your application.