planned-endpoints
π§ 1. Gamified Auth Model (Easter Egg Unlocks)β
You asked: How do I make discovering the auth system feel rewarding?
β Idea: Content-locked Authβ
-
Anonymous users can view most (or all) content.
-
Certain pieces contain
{auth=required}
or{auth=adminsOnly}
sections. -
The first time they encounter such a section:
βπͺ Youβve stumbled upon something hidden. Want to unlock access? Youβll need to find the [mystery X].β
-
Once they trigger enough easter eggs β account unlock.
Mechanics:β
-
Track a session-based count of easter eggs found.
-
On egg #N (e.g., 3 or 5), show the βSign Up Now Unlockedβ modal.
-
Upon registration:
- Store user rank (e.g.,
visitor
,unlocked
,contributor
,admin
) in DB.
- Store user rank (e.g.,
π§ 2. Access Control Markup Tagsβ
Your {auth=adminsOnly}
, {auth=basicUser}
idea is π₯ and easily parseable.
Implementation:β
Store this metadata in each note:
{
"auth": {
"level": "basicUser",
"scopedTo": ["section-3", "comment-form"]
}
}
Or inline as markdown directives:
:::auth basicUser
This comment section requires a basic user account.
:::
At API level, you'd apply row-level filtering + dynamic section stripping based on user role.
π 3. Community Feedback: EAV Tablesβ
Youβre spot-on here β keep it simple:
β Feedback Table Designβ
CREATE TABLE feedback (
user_id UUID,
content_group TEXT, -- e.g., 'proto_product', 'book_review'
item_id TEXT,
vote_direction TEXT, -- 'upvote', 'downvote'
comment TEXT,
created_at TIMESTAMP,
updated_at TIMESTAMP,
PRIMARY KEY (user_id, content_group, item_id)
);
Add a last_changed_vote_at
if needed. You don't need SCD type 2 unless you want to build analytics on vote history (which you're rightly ignoring for now).
π 4. Planned API Groupingsβ
Comment and Vote:
Pk-ToDo think about this a bit more... e.g. nested comments
Action | Endpoint |
---|---|
Comment | POST /comment?:<article-id> |
Vote | POST /vote?:<entity:article_or_comment>&<id> |
π§ Language Hacksβ
Action | Endpoint |
---|---|
Get fluency | GET /language-hacks/:id/fluency |
Vote fluency | POST /language-hacks/:id/vote-fluency |
π Book Reviewsβ
Action | Endpoint |
---|---|
View | GET /book-reviews/:id |
Upvote | POST /book-reviews/:id/vote |
Comment | POST /book-reviews/:id/comment |
π€ Interview Questionsβ
Action | Endpoint |
---|---|
Add | POST /interview-questions |
View | GET /interview-questions |
Vote | POST /interview-questions/:id/vote |
π§ͺ Proto Productsβ
Action | Endpoint |
---|---|
Upvote | POST /proto-products/:id/vote |
Comment | POST /proto-products/:id/comment |
π§ My Content (Personal Bookmarks & Playlists)β
Some times the entire markdown will be built via data... (like for these ones)
Action | Endpoint |
---|---|
Get Bookmarks | GET /bookmarks/<category> |
Get Youtube Playlists | GET /playlists/<category> |
π 5. API Architectureβ
You mentioned:
Normal Docker container setup on EC2
SSR v. Client Sideβ
(I plan to go with the mixed model)
Ah β now weβre at the core rendering split: You're not just choosing between Django and Go β youβre really choosing between server-side rendering (SSR) and client-side composition (API + hydration).
Letβs clarify the real decision you're facing.
π§ Your Options in Plain Termsβ
β Option 1: Store Raw Markdown in a Table, Build on Fetch (SSR or Static)β
- Render full document (auth-filtered + hydrated) before sending to client
- Embed vote count, comments, etc. at fetch time
Pros:
- π No leakage β content is built server-side, scoped to the user
- π§© Can render with partials (template macros, includes)
- π Easier caching + snapshotting
- π But rendering gets heavier as logic grows
β Option 2: Client-Side Compositionβ
-
Deliver raw markdown (filtered or not)
-
Then use API calls to:
- Get vote count
- Get comments
- Maybe even hydrate
{auth=basicUser}
sections
Pros:
- π§ More modular, React-friendly
- β‘ Initial load is faster (if markdown is small)
- π€ More dynamic behavior (updating votes/comments live)
- π¬ More moving parts, possibly duplicated logic
π₯ Your Real Fork:β
You Want... | Pick This |
---|---|
Fast static preloading | SSR / prebuild |
Central control of content per user | SSR / Django View |
Fine-grained interactivity | Client-side |
Live updates to votes/comments | Client-side + API |
Simplest full-stack auth filtering | SSR |
Markdown-as-JSON-store + dynamic pieces | Client-side rendering |
π§© Mixed Model: Best of Both?β
You could:
-
Server-side filter + deliver "base" markdown
-
Handles
{auth=...}
stripping -
Possibly pre-injects placeholder markers like:
<!-- VOTE_COUNT:bookReview_id_1 -->
-
-
Client parses placeholders + injects live components
- Think: comment widget mounts on
<!-- COMMENT_BLOCK:id -->
- Votes update dynamically via
useEffect
- Think: comment widget mounts on
This way:
- SSR controls security
- Client handles live UX
β Solutionβ
Django + Markdown in DB + SSR for delivery Then client-side APIs for hydration (votes/comments)
Thatβs:
- The most secure
- The most efficient for preloading
- Still dynamic when needed
Let me know if you want help structuring:
- A Django
Note
model withraw_markdown
,uuid
, etc. - A
filter_markdown(request.user, raw)
function - JS/React that looks for
<!-- COMMENT_BLOCK:x -->
and injects components
This hybrid model is π₯ and scales well as your features grow.