Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings
Discussion options

square-foot
Oct 14, 2024

I was playing around with Databag to setup a chat system for a community of architects. I installed Databag using the Docker route. I then realized, new users can get confused because it is so minimalistic (I personally loved it but I can think of many others who may get confused) I very much liked the fact that each person who takes an account at Databag can choose for himself/herself how much clutter he/she is willing to accept. That is excellent. Also the end-to-end encryption, federation, etc. I also loved the fact that there is no real "admin" as such. It makes things quite democratic. All those are excellent capabilities.

Here are my tips that I think can help Databag. I am 63 years old and highly opinionated so kindly pardon if this does not fit the overall goals of Databag.

  1. I wish there was an easier method to customize the interface. I managed to squirrel into the Docker container (docker exec -it databag bash) and located one index.html into which I inserted a script tag for a new JS file. Using that JS file and some CSS tweaks, I managed to insert a help link and a link for new users to separately join topics created by the main 'admin' ... This way of customizing is a hack, frankly

  2. I don't know why the Subject is optional for a Topic. I think a "Description" should also be given for each topic.

  3. There is no clear "forgot password" mechanism. If there is a field in the user profile which is a secret known only to the user (i.e. it is not displayed anywhere ... not even in the public listing); then that can be used later for implementing a "forgot password"

  4. There are no emojis and reactions. Personally I like it that way. But some architects are highly expressive (I am trying to implement Databag as a chat system for architects) and for them, those things are useful ..

  5. How does one search in the topics? I am not clear if that is implemented. I think search would be extremely useful. Now that i am kind of getting familiar with the API, I can implement a separate hack (that works outside Databag) but that would really be a hack.

Sharing a screenshot of my modified main page of Databag (on the browser). You can see the extra links at the bottom next to the New Topic button.... and changes in the main title. The help button points to an external HTML web-page which I plan to write. The icon next to it is for letting new users join topics made by one user (me... I was the first user :-) ) and that also goes to an external HTML page with some simple code (I have shared that code separately under "Show and Tell" section)

image
You must be logged in to vote

Replies: 4 comments · 3 replies

Comment options

balzack
Oct 15, 2024
Maintainer

Thank you for the feedback!

  1. The browser app code is written with react, so there might be a learning curve there, but it's included within the container under:
    /app/databag/net/web
    to build it from within the container, you would need to install the dev tools with the script:
    /app/databag/net/contianer/dev_setup.sh (really you only need the node install part for building the UI)
    then build it:
    yarn --cwd /app/databag/net/web install
    yarn --cwd /app/databag/net/web build

  2. This was more of a UI limitation. I had the option for description, but I didn't know where to usefully display it

  3. I didn't want to store people's email, so 'forgot password' wouldn't work in the usual way. Instead, there is a server admin screen, where the server admin can create a link allowing a person to access their account again.

  4. Emogis are on my roadmap, still a few months away though

  5. The topic search only filters according to the subject name. Are you asking about searching for a comment within a given topic? That would likely require a server side implementation as not all messages are cached within the client app.

It will seem like development is slow for the next few months. I am writing a client SDK and refactoring both the mobile and web apps to use that SDK. The hope is it will simplify the process of writing apps for the databag network for myself on anyone else.

Thanks again for your interest in this project!
You must be logged in to vote
0 replies
Comment options

square-foot
Oct 15, 2024
Author

Hi

  1. I don't use React but I am sure this is useful for those who do
  2. Description can go below the 'subject', I would have thought
  3. I am confused. That method seems to be insecure as one user may end up asking for the recovery 'token' for someone else from the admin. I guess in situations where the admin personally knows each one who is joining, this could work but frankly without the user sharing some kind of pre-set mutual secret with the admin, account recovery in this manner can be highly insecure (IMHO)
  4. I am okay with emojis and reactions coming later
  5. Can I search directly in the sqlite file ? I can write a separate (outside Databag) backend for this
  6. How scalable is this? i.e. how many users can one instance of Databag handle?

Thanks a lot
You must be logged in to vote
2 replies
@balzack
Comment options

balzack Oct 16, 2024
Maintainer

Hello,

  1. I think it can go there, but I also liked showing the members of the Topic. I felt there was only enough room for the description or the topic, but let me know if you feel different, or if the topic members isn't useful

  2. I agree, I haven't provided a good solution for the case where you host for unknown people. In that case if they forget their password, there ins't a good mechanism for recovering an account. I am not sure what the best solution is here, I would like to avoid the storing of email addresses or phone numbers.

  3. Yes, you can access the sqlite at: /var/lib/databag/databag.db.

  4. The network is scalable in terms of nodes, but each node is primarily designed around personal or group hosting. To make an individual node more scalable a postres or mysql DB should be used. This isn't too difficult as an ORM is used by the server to interface with the DB, but would still require some development effort if this turns out to be needed.

Thanks for the great questions!
@square-foot
Comment options

square-foot Oct 18, 2024
Author

Thanks. I thought Sqlite itself can handle quite a lot of data. The type of users Databag is meant for, I do not see very high volumes or very high concurrent use. I am most happy with Sqlite. I usually code in Pocketbase, and that also uses Sqlite. Backing up Sqlite is really easy.

I too agree about storing email address and phone numbers. If you can add a private field in the profile of each user -- where the user can fill some value (shared secret); and assign the viewability only to the main admin (and nobody else) then the main admin can ask for that shared secret and only then generate the new link for the user. This can even be done programmatically, I think. So you don't need to have a manual intervention. It should work as a reasonable reset password kind of feature
Comment options

balzack
Oct 19, 2024
Maintainer

You are right, sqlite can handle a good amount of data, so it should be fine for almost all use cases. I suppose there could be a point where some larger entity hosting many accounts would want something different, but that hasn't happened yet.

I like the idea of a shared secret, perhaps somehow using it in conjunction with the OTP (one time pass) code?

Thanks for the suggestions!
You must be logged in to vote
1 reply
@square-foot
Comment options

square-foot Oct 19, 2024
Author

Yes, in the profile editor for every user, you can give one more additional input field for the shared Secret, with a one line/placeholder stating that this is only seen by the admin and is needed for resetting your password.

Then one a generic form (which does not need a login) where you ask anyone who wants to reset an account to enter the username, and the sharedsecret -- and on filling that the server will check the shared secret, and reveal the magic link to the one who called for it

I am not an Ux expert, but I think the above would work quite well
Comment options

balzack
Oct 20, 2024
Maintainer

Yes, I can see something like that working. I will add that to the dev backlog. Thank you!
You must be logged in to vote
0 replies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
💡
Ideas
Labels
None yet
2 participants
@square-foot @balzack
Morty Proxy This is a proxified and sanitized view of the page, visit original site.