this post was submitted on 29 Jul 2023
4 points (100.0% liked)

Lemmios App

225 readers
1 users here now

Community for Lemmios

founded 1 year ago
MODERATORS
 

So let me start this by thanking so many people for using Lemmios! But more people does come with some issues, I currently have 126 users on lemmy.world that have notifications enabled, which means enough requests that I am starting to hit their rate limits and a solution needs to be found. I have identified a few options:

  • Start requiring a cost for notifications in order to limit users (instructions to self-host server for no cost will be available)
  • Make notifications have a significant delay (definitely don't want this)
  • Offer to lemmy.world devs to pay for a higher rate limit just for the Lemmios servers (definitely ideal but Lemmios hasn't made any money yet and I'm a highschooler with very limited funds lol, I'll drop a donation link just in case anyone is feeling insanely generous)

What does everyone here think is the best option?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 year ago (1 children)

No, you might be thinking of the websockets that used to be supported but the API was overhauled since it was too taxing and the websocket endpoints have been removed

[–] [email protected] 2 points 1 year ago (1 children)

How does the memmy backend solves this issue?

Anyway I don’t like the idea of a 3rd party pns as long as there is no oAuth (or something similar) in place, I guess your backend has to store the users credentials or security tokens?

[–] [email protected] 2 points 1 year ago

I don’t believe that Memmy has a solution, last I checked they just don’t support notifications on Lemmy.world cause they had about 2x the requests of the next highest api user and their IP got banned. (Details might be foggy I talked to Rudd like a week ago about this)

And yes I agree that oauth is definitely the solution, however for now at least with open source apps (and backends) it is possible to make sure that only the auth token (never passwords) is sent and that the backend only uses it for the right reasons. It is also important to mention that even with oauth the app would have to send the auth token to the backend (Apollo for Reddit did this for context).