小影 是一個在 mastodon.hk 的用戶。只要你有任何 Mastodon 服務站、或者聯盟網站的用戶,便可以跨站關注此站用戶,或者與他們互動。如果你沒有這類用戶,歡迎在此處登記
B248af366d29e695

小影 @siuying

歐資大行攻港:天哪!我喺香港都開唔到銀行戶口
hk.apple.nextmedia.com/realtim

小影 轉推

@mapleshadow mastodon 是用來討論 mastodon 的。 (認真的話是說用來找不同的人討論不同的東西。如果把另一邊的東西灌進來就沒有意思了吧?

@yookoala super excited, but too many stuff to do to make it useful.

@yookoala I don't know. Not familiar with ipfs. I believe it is not implemented. You can always use public/private key to encrypt, sign and verify each messages.

@yookoala imagine Github, if they have an app they might use tactic like using three tokens: one for refresh, one for regular api that have longer expiry, and one for critical task that have a very short expiry (like when they want to update account)

@yookoala JWT is not session. You should not consider to use it store data like session.

@yookoala advantage: it is completely stateless. disadvantage: you cant revoke session unless it is stateful.

Depends on your use case it might suit your needs. A common pattern is use two with different expiry. For example you can have a pair of refresh token and id token. refresh token is non-expiring, and are used to get new id token. id token have a relatively short expire time, and are used to authenticate user for resources. You can build revoke session logic with that.

@yookoala JWT is sound and as secure as the algorithm you used to sign it. Google and AWS both used it. The question is how you use it.

小影 轉推

@yookoala Why you would think it's risky?

Create and build modern JavaScript applications with zero initial configuration neutrino.js.org/

@yookoala webpack in general is that difficult to setup... thats why I really want to avoid it if possible.

@chainsawriot 之前係其他 app 有問題

Hacker stolen Panic people source code... panic.com/blog/stolen-source-c

小影 轉推

The Japanese soldier who fought WWII 29 more years after it finished.

This is the most complete coverage of the story I've ever come across.

youtu.be/U6rOSe3EsdM

"It’s a reminder that digital games are ephemeral. As are we all." kotaku.com/alan-wake-is-disapp

Alan Wake Sound Track 真係好正好配合隻 game ,可惜因為呢個原因要下架 twitter.com/remedygames/status 結果再買了一次