The devlog-ist/landing project focuses on creating a compelling landing experience. Recent work centered on improving SEO and ensuring proper sitemap discovery.

The Problem

The Cloudflare CDN was overriding the application's robots.txt, which prevented search engines from discovering the sitemap. This negatively impacted SEO performance.

The Approach

To bypass the CDN override, a

Working on the devlog-ist/landing project, we're refining the authentication flow. The goal is to streamline user registration and login, particularly for non-developers who might be contributing recommendations. We've adjusted the available OAuth providers to match user roles.

Previously, both GitHub and LinkedIn were presented as default options on the login and registration pages.

OAuth provides a streamlined approach to user authentication, but it's crucial to implement security measures that protect user data and prevent unauthorized access. A common scenario involves social login, where users authenticate via third-party providers like GitHub or LinkedIn.

The Problem: Unregistered Users and Automatic Registration

A potential vulnerability arises when users not yet

Maintaining a consistent URL structure is crucial for search engine optimization (SEO). Duplicate content, even with slight variations in the URL (like the presence or absence of "www"), can confuse search engines and dilute your website's ranking potential.

The Problem: Duplicate Content with Varying URL Prefixes

Search engines like Google treat example.com and `www.example.

Introduction

This article discusses a common issue in applications using GitHub OAuth for authentication: inadvertently overwriting a user's existing token with one that has fewer permissions. We'll explore how to ensure the application preserves the user's original, broader-scoped token when requesting narrower scopes during subsequent logins.

The Problem

Many applications use GitHub

This post details a recent effort to improve the security, reliability, and maintainability of our application. It covers several key areas, including XSS prevention, reCAPTCHA consolidation, OAuth error handling, dependency injection, and code cleanup.