Log in

Previous Entry | Next Entry

I haven't been writing for a while as my attention got sideswiped by Facebook and Twitter. However, I find that I'd like to be posting longer items occasionally, mostly still privately.

Here is an outline of what I'm looking for and a proposed solution. I'm curious to get comments before I dive in to build it.

  • I don't want to blog fully publicly.

  • I don't want to blog on Facebook. Facebook is broken. [1]

  • Apparently, the verb "to blog" has finally crept into my vocabulary to replace "keep a weblog". Eek! Sorry.

  • If my blogging solution requires my friends to create a new account and log in to view my posts, they won't read my blog. (This covers both LiveJournal and a private password-protected site.)

  • There may be such a thing as authenticated RSS, but if one person gives the password for my blog to Google Reader, then its security is effectively null and void. (Right?)

So now what?

Proposed solution: distribute posts consisting of a teaser + read more link using a private Twitter stream. The link in each teaser goes to a (Drupal-based) website which shows content only to authenticated users--but people authenticate using their Twitter credentials.

So now people can find out about my posts using whatever Twitter client they like (and many friends already use one), and they don't have to create a new login to actually read them. They may even not have to give Twitter their password again if they're already logged in, just allow Twitter to authenticate them to my site with a click on a button.

Seems like a nice arrangement.

Tech details: Twitter exposes an OAuth authentication API, and there is existing OAuth support for Drupal which hides Drupal's user registration/login altogether. People are sent to Twitter's site to log in--my site doesn't find out their Twitter password. Under the covers, Drupal will create a local user account linked to the remote credentials. Presumably my site will learn the visitor's Twitter username, so I can know who's who & let them post comments. If Twitter's authentication is some day completely compromised, I can turn off the OAuth integration, and my blog posts will still be private.

Am I missing anything? Comments?


May. 11th, 2010 03:12 am (UTC)
Followup #1: The Drupal site would look at your friends list to decide what Twitter users are allowed to see blog posts.

Followup #2: When you post to your blog on the Drupal site, the edit screen would have a field for the "teaser text" (or could auto-extract the first N characters of the post), would generate a short URL, and post them together to your Twitter stream when you finalize the post. So no extra work for the author in this setup.
May. 11th, 2010 02:34 pm (UTC)
not private
So your posts are open to every twitter user in the world? Or does OAuth allow you to say "only people following me"?
May. 11th, 2010 04:36 pm (UTC)
Re: not private
No no, if the posts were public the whole scheme would make little sense.

I would cache/fetch the follower list and do access control based on it on my site.
May. 11th, 2010 07:09 pm (UTC)
Re: not private
in that case, go for it. Need hosting?
May. 11th, 2010 07:19 pm (UTC)
[1] I forgot to write this footnote. I have two issues with Facebook. I don't fully trust them to keep my posts private, and the trend of linking to anyone and everyone you know creates a superficial environment in which more personal blog posts seem inappropriate.



Latest Month

August 2010
Powered by LiveJournal.com
Designed by Ideacodes