I wanted it to be easier to sign up + in for my own blog, so I built this tool:
It’s free and open-source, and can be set up in a few minutes without editing the theme.
Here’s the blog article I wrote about it and how it works: https://www.contraption.co/trivet-adds-google-sign-in-to-ghost/
And here’s the code - which you can run yourself: https://github.com/contraptionco/trivet
Try it out and let me know what you think.
Hey @philipcontraption , nice to meet you!
Do you have a privacy policy covering use of hosted trivet? All signin/sign up member data would pass through your site, right? So the folks in the EU at least probably need to disclose that you’re doing data processing for them, and anyone using the hosted service should want to know if you’re retaining their subscriber data.
Friendly reminder to everyone that your Ghost Admin API key gives broad capabilities on your site, including all member data, theme, content, newsletters, etc. I’d want to carefully vet a service before sharing an admin api key.
Disclosure: I have a competing product on which I make <$100/month.
Hey Cathy - thanks for the questions!
Privacy policy is here: contraption.co/privacy
anyone using the hosted service should want to know if you’re retaining their subscriber data.
Trivet doesn’t retain subscriber information. But, it does store anonymized login data to make charts and enable cohort analysis. You can see exactly what’s stored here in the code: trivet/prisma/schema.prisma at main · contraptionco/trivet · GitHub
(The memberEmailHash is a one-way, irreversible hash of the email address — Trivet never stores the raw member email. It’s used only to recognize “same person” across logins - so you can tell whether it’s new google sign-ins or returning google sign-ins, without retaining subscriber PII. This is a best practice for privacy; for example, Google Ads Customer Match uses hashed identifiers like this.)
Friendly reminder to everyone that your Ghost Admin API key gives broad capabilities on your site, including all member data, theme, content, newsletters, etc. I’d want to carefully vet a service before sharing an admin api key.
This is true! Trivet is open-source, so you can deploy it yourself on your own server and retain 100% of data. (I haven’t tested it on Vercel, but their free plan will probably run Trivet just fine).
Just installed this on my site (blog.amassinsights.com) and it’s working great and I love it, thanks!