Fediseer has until now been only able to determine admins of a fediverse instance via the instance API. This worked fine for software like lemmy which display all their admins in the API, but created issues with instances which either obfuscated admin accounts (like mastodon), or which didn't display them
After verifying that the user is admin, will you continue to send PM code when logging in? If so, then software without a message receiving mechanism will still not be able to use Fediseer.
I suggest you consider the way I did it in Lemmy Federate. I create a private/public key pair and ask admins to add the public key as a TXT record. If the private key entered while logging in matches the public key in DNS, admin can log in.
This way it is not necessary to query the user with webfinger and send a message. You also avoid the hassle of distinguishing between different messaging structures in the Fediverse.
That’s a smart idea actually! Can you open a github issue for it? I’ll add it ASAP.
The only concern is about making sure this is actually a fediverse instance and not a random website.
Happy if I gave an idea.
I just do query DNS records and fetch nodeinfo. Shouldn’t that be enough?
Yes, usually if it has a nodeinfo it’s OK.