A modern, decentralized re-imagining of the Unix plan file. Running at https://dotplan.online.
This repository has been archived on 2022-07-19. You can view files and clone it, but cannot push or open issues or pull requests.
Go to file
Rudis Muiznieks 565edd84ab added ability to run tests against docker container 2020-07-18 22:18:28 -05:00
test added ability to run tests against docker container 2020-07-18 22:18:28 -05:00
.gitignore added Dockerfile plus started on automated tests 2020-07-18 15:24:06 -05:00
Dockerfile added Dockerfile plus started on automated tests 2020-07-18 15:24:06 -05:00
README.md finished pubkey validation service 2020-07-18 15:23:42 -05:00
schema.sql ctl script 2020-07-16 23:55:59 -05:00
server.pl finished pubkey validation service 2020-07-18 15:23:42 -05:00

README.md

dotplan.online

The un-social network.

  • User-provided content tied to an email address.
  • Text only, limited to 4kb.
  • No retweets, shares, @s, likes, or boosting of any kind.
  • Authenticity optionally verified by clients using public PGP keys.
  • Accessed via public APIs.
  • Open source.
  • Self-hostable, discovery via domain SRV records.
  • Single giant Perl script because PERL IS AWESOME!

API

Authentication

  • POST /users/{email} - request new account
    • request data: {"password":"whatever"}
    • email with validation token will be sent
  • GET /users/{email}?token={token} - validate new account
  • GET /token - retrieve auth token
    • http basic auth
    • ?expires={minutes} sets an explicit expiration, default is 5 minutes from creation
    • response data: {"token":"whatever"}
  • DELETE /token - invalidate current auth token
    • http basic auth
  • GET /users/{email}/pwtoken - get password change token
    • email with password change token will be sent
  • PUT /users/{email} - update password
    • request data: {"password":"whatever","pwtoken":"whatever"}
    • token expires 600 seconds from creation

Plans

  • PUT /plan/{email} - update a plan
    • request data: {"plan":"whatever","signature":"base64 encoded signature","auth":"token"}
    • omitting plan from the payload will delete the existing plan
  • GET /plan/{email} - retrieve a plan
    • text/plain by default - raw plan content
    • ?format=html or Accept: text/html - plan content with html entity encoding for special characters
    • ?format=json or Accept: application/json - response data: {"plan":"whatever","signature":"base64 encoded signature"}
    • 404 if no plan found
    • 301 redirect if plan is on a different provider
  • POST /verify/{email} - verify PGP signature of a plan
    • request data: {"pubkey":"ascii public key"}
    • response data: {"plan":"whatever","verified":1} or {"verified":0}
    • 404 if no plan found
    • 308 redirect if plan is on a different provider