So let me start this by thanking so many people for using Lemmios! But more people does come with some issues, I currently have 126 users on lemmy.world that have notifications enabled, which means enough requests that I am starting to hit their rate limits and a solution needs to be found. I have identified a few options:

  • Start requiring a cost for notifications in order to limit users (instructions to self-host server for no cost will be available)
  • Make notifications have a significant delay (definitely don’t want this)
  • Offer to lemmy.world devs to pay for a higher rate limit just for the Lemmios servers (definitely ideal but Lemmios hasn’t made any money yet and I’m a highschooler with very limited funds lol, I’ll drop a donation link just in case anyone is feeling insanely generous)

What does everyone here think is the best option?

  • mrlavallee@lemmy.worldOPM
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    No, you might be thinking of the websockets that used to be supported but the API was overhauled since it was too taxing and the websocket endpoints have been removed

    • Gollum@feddit.de
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      How does the memmy backend solves this issue?

      Anyway I don’t like the idea of a 3rd party pns as long as there is no oAuth (or something similar) in place, I guess your backend has to store the users credentials or security tokens?

      • mrlavallee@lemmy.worldOPM
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I don’t believe that Memmy has a solution, last I checked they just don’t support notifications on Lemmy.world cause they had about 2x the requests of the next highest api user and their IP got banned. (Details might be foggy I talked to Rudd like a week ago about this)

        And yes I agree that oauth is definitely the solution, however for now at least with open source apps (and backends) it is possible to make sure that only the auth token (never passwords) is sent and that the backend only uses it for the right reasons. It is also important to mention that even with oauth the app would have to send the auth token to the backend (Apollo for Reddit did this for context).