About two days ago we found a bug with the registration system on lemmy. Because of this we have updated our registration process a few times, and cannot deny any applications as the person registering does not receive any message and cannot re-apply.
We currently have several hundred people that we are waiting to deny, and some unknown amount of people that we denied prior to finding this issue which we would really like to contact and give them a chance to register as they didn’t write enough in their registration for us to really evaluate if they were a good fit for this instance.
If you’re a developer please take a look at this github issue and please work your magic to help fix this problem.
As an aside, we also have a list we’ve been working on for enhancements that would make moderating and administering this instance a lot easier, and enhancements we think users would enjoy in terms of UI and UX. We’d love to share these as well as facilitate a discussion to surface more ideas (and we plan to in the future), but right now we need to focus on the most pressing issue to us running this website, whether people can create an account here and participate.
As a workaround you can go into the database and query directly for users with rejected application and email provided. Then write a script to email them. Getting a fix developed, reviewed, merged and deployed will take a few days in the best case. And even longer now because we are busy with lots of things.
Thank you. I’ve suggested this method to @Penguincoder@beehaw.org and we are looking into it.
Appreciate you! Good idea. :)
Bit of a tangent here, but if you’re ever looking for experience designers to help out here and there, or to just give something a second set of eyes, I might be able to lend a hand or connect y’all with some bright and chill people.
You probably don’t want me making any PRs, but I know my way around Figma and a user test plan.
I’d love to see you redesign some parts of the Lemmy UI!
In my option, a lot of designing work is still to be done so I’d love to see mockups you can make and your thoughts on design work!
Nice! I’m pretty new, so let me get a little bit more familiar with the platform, and I’ll craft up some stuff!
If we could end up with a theme that looks a lot more like https://kbin.social, I’d be so happy. My biggest gripe with Lemmy is all of the white space, and none of the current themes improve that at all. All of the theme options offered by kbin look amazing by comparison, and to my understanding Lemmy theming is done via CSS based on Bootstrap v4, so new theme creation should be straightforward enough.
It’s to the point where, when visiting Lemmy instances, I use a custom CSS extension to modify a few properties to make it a bit more palatable to me.
If you guys ever need help creating custom themes to offer to users I’d be happy to contribute.
Can you post your user style??
But I would very much support having a more compact theme available without a browser extension. I think some tightening up up would make this place look more welcoming. It feels sort of “empty” due to all the white space.
Hey there, sure, currently I’m using this. The border between comments on a comment thread doesn’t look the best, but it makes it easier for me to track comment levels so I like it, though there are certain properties I’d like to change but can’t.
Either way, I’m using an extension called Amino to apply my CSS changes on a domain-level.
This fixes a lot of the whitespace and borders to make differentiating between posts and comments a little easier, while minimizing white space. I think it looks nice.
EDIT: I’ve made a few more changes in terms of color.
.container-lg { max-width: 1600px; } .col-md-8 { max-width: 80%; flex: 0 0 80%; } .col-md-4 { max-width: 20%; flex: 0 0 20%; } .col-sm-2 { max-width: 10%; flex: 0 0 10%; } .col-sm-9 { margin-left: 5px; max-width: 80%; flex: 0 0 80%; } .post-listing { border: 1px solid rgba(34,34,34,.125); border-bottom: 0px; border-color: #c80000; padding-top: 10px; background-color: #fff; } hr { display: none; } .border-top { border-top: 1px solid rgba(34,34,34,.125)!important; } .border-light { border-color: #e4e4e5!important; } body { background-color: #ecf0f1; } .navbar { background-color: #fff; } .card { background-color: #fff; } .comments { padding-left: 5px; background-color: #fff; }
How does this work with a federation model. Is it possible that there can be lots of different clients with different UX’es?
That’s pretty much how mobile apps work, so very likely.
Fediverse platforms in general are just different UIs for the same content since they all interop to varying degrees. You can subscribe to and interact with Lemmy content from Mastodon, as an example.
Lemmy backend and lemmy ui are separate components. Look up LemmyBB, that for example is an alternative to lemmy-ui.
Hiya! Lemmy was actually one of the reasons I started learning Rust, but I do also know JavaScript, Python, a bit of Julia, C, C++, MASM, NASM, MIPS, a bit of TypeScript, and Java. I’ve worked on both frontend and backend although I think my expertise and comfort lies with backend primarily. I’m not sure if I’d be able to help with y’all’s issue as I’m not familiar with the Lemmy codebase, but I’d be willing to try and help debug the issue and hopefully get it under control.
Thanks for posting and writing all this up. I’ll take a good look at it if this is a Friday that work tickets decide to slow down.
Likely need to define some basic rbac controls. They signed up, sure, but don’t receive a “user” role until after approval. Then in the home page, when signed in with no roles assigned, they get a banner saying they’re still pending approval and will not be able to post or comment.
The major concern will be retroactively applying user roles to the existing users.
I’m a fan of this approach. That way, we can return a 200/201 on subsequent registrations for the case where an attacker would query if a user name already exists on an instance. If rejected, remove the account. If accepted, add the user role.
I thought this was a mistake. I filled out an application early on and didn’t fill it out correctly. I expect that account was denied, but I did notice that the user was created the exact second I applied which was weird. I assume the username is now in a limbo state. Seems strange that lemmy would create an account before it’s approved.
Removed by mod
I cannot code. 🫤
But it occurs to me that we need a couple of features - although maybe they already exist.
One is the ability to back up a Lemmy account and download the data.
The other is account portability - the ability to move an account from one instance to another.
But I suspect that #2 might be impossible.
mastodon has some portability features but not the ability to fully move the content of your account: https://docs.joinmastodon.org/user/moving/ though you can move some stuff like friend lists etc.
Test
I wonder if the RES devs might consider working on BES (or LES)?
We can definitely use all the help we can get. Luckily since lemmy and its UI is open source, we can embed all this highly popular functionality directly into lemmy-ui.
I’d love it. I don’t hate the UI as it currently is, but I’d definitely appreciate some features, like the hotkeys RES has, or a tighter UI in general, with less padding and space between elements.
To be fair, tweaking the UI is surely in my power and skillset, but UI is surely my least favorite part of development as a whole.
If I remember correctly, RES has basically been limping along in maintenance mode for quite a while now and there’s only one or two people left working on it - and only from time to time.
I’m a beginner with Rust, but a full-time web engineer with React/TS/PHP/SQL/etc experience. I’m a bit swamped at the moment, but I’m down to contribute eventually :)
A “quick fix” might be to test for a user unapproved status on login and provide it as a status (e.g. 404:application_denied). Then the behaviour can be either release all created but unapproved accounts after 24hrs elapse or perma-“ban” until approved like it is now depending on server preferences.
“Quick fix” as in it’s seems quick but will take me a while to implement if I were to try and I won’t have time for a few days to get serious and become familiar with the code.
404 wouldn’t be the right status code, 403 would be more suitable.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#client_error_responses
Servers may also send [a 404] response instead of 403 Forbidden to hide the existence of a resource from an unauthorized client.
In this case, I agree that 403 is the better response, but for some resources, in the name of security and privacy, 404 might be more appropriate depending on the request.
Yeah at work we mask all responses to the client in production to x00, but in the scenereo the original commenter laid out exposing the 403 would be best.
Adding a modal client side would prob be best here.
Off topic but I’m really happy that the developers chose Rust to code Lemmy in. Low maintenance + high performance is the ideal combo for open source server software.
There are hardly any experienced Rust developers. It’s going to be a big problem.
I might need to learn Rust. Java/Kotlin/C# are fine for work, but I’m interested in new stuff anyways.
I’m a react dev. I’m happy to contribute in my spare time, probably weekends and smaller issues. I noticed the client is built in inferno, which from a quick look appears to be fairly similar to react, so I’m sure I can be useful. I’ll have a look tomorrow, can see a large list of issues so I’m sure I will find something to do.
I can’t code, but I’d be happy to send donations to those who can to work on Lemmy. I’m not a rich man but I’ll happily help how I can.
@Gaywallet what if you signed up without an email? I don’t think I added an email address until later attempts.
What can we do to reapply with a decent effort?
We do not require an email at signup for many reasons. You do not have to provide one ever. We recommend having an email in case you get locked out of your account, but that’s your choice. We are not currently denying applications, so if you are in queue to be denied (there are currently >1000 individuals in this space) you will have to wait for a fix.
There is no reapplying until this is fixed.
Does this issue also explain why I didn’t receive an email to say I was successful and only discovered I was approved by just trying to login just in case or is that a separate issue? Edit: I am a fool. I don’t believe I supplied an email address… I’m off to a great start!
We identified an issue with a few email providers blocking emails from our server, so we bought a new email address with a well-known provider to prevent this from being an issue. For those that registered with an email address, approvals should send an email. If you’ve registered in the past 24 hours with an email and did not receive one, please let us know on discord or matrix or reply and let us know here.
If you did not register with an email, there is no notification in lemmy that lets you know of approval (also lodged in bug report).
Appreciate the super quick response! As per my edit this was a case of PICNIC and I apologise for wasting your time!
@Gaywallet it might not be the best alternative but deleting users who has been declined would at least give people another go at signign up before this is fixed?
Yes it’s something we will need to pursue at some point but waiting for official fix first
I don’t really know Rust at all but it might be a good opportunity to learn. I come from a C# and Python background so I might see if there’s anything I can tackle.
