Category Archives: Idno

Posted on
by

I have previously mentioned my two factor authentication plugin for Known. Using this plugin, you are able to grant your Known users an extra level of security on their account, allowing them to enter a secondary authentication code (usually from an authentication application like Google Authenticator on their phone).

This is a very powerful way of preventing an attacker from accessing your account by brute forcing your password (and combined with a syslog plugin + fail2ban combo makes breaking in the front door even harder).

To make it easy to register your application for two factor auth, the plugin generates a QR code that you can scan. Originally I used a Google API to generate this (connecting over TLS), which presented a problem that you had to expose your access code to a US company. For security, it’s probably better that the QR is served locally if it’s safe to do so.

Therefore, I made a small modification to the code to incorporate (a slightly modified / bugfixed) version of Terence Eden’s PHP QR Code generator.

Now, if you visit your two factor settings page over TLS, the QR code that you get will be served from your local server. If you’re site is hosted on a non-secure server (a really really bad idea, but sometimes unavoidable) it’ll fall back to serving the qr code using a secure connection to googles servers, by way of a least worst option.

Have a play!

» Visit the project on Github...

Posted on
by

Ok, so earlier I talked a bit about a Flickr photo import script for Known.

Since self-dogfooding is important, I thought I’d point you guys to my new photos site, which uses the data produced by the script’s output.

My script imports all photos, videos and tags, and also stores collections and sets.

Known currently doesn’t have a concept of grouping stuff together (although this might be on the roadmap for the future), so for the time being I’ve stored them as a GenericDataItem object. The site’s custom theme makes use of these to render sets and collections in a sensible way.

Still tweaking, but I’m pretty pleased with the results so far!

Posted on
by

A little while ago I introduced you to some command line tools for talking to your Known site.

So, using this, I put together a very quick hack that lets you tweet, via your known site, from the Unix command line.

Because, that’s how I roll.

In .bashrc I added the following:

alias tweet='status.sh https://mysite.com USERNAME APIKEY twitter::TWITTERUSER'

Assuming status.sh is on your path, when you type tweet it’ll let you write a single line of text which will be sent to your Known site and syndicated elsewhere.

Note, due to this bug, you’ll need to be running the latest version of Known for this to work!