OakWiki brings your scattered Google Docs and Notion-shaped chaos into one organised tree. Real-time presence, granular permissions, and writing tools that don’t fight you.
We need to rework the authentication flow because the current state has a hard time keeping up. The OAuth redirect chain on social login bounces through three middleware steps that don’t do anything useful, the session-fixation check is a hangover from 2019, and the password-reset email leaks the canonical user ID in the URL.
The plan is to collapse all of this into a single redirect-to-callback flow, drop the legacy session-fixation middleware, and switch password reset to short-lived signed tokens. We also want to take this chance to actually log what’s happening at each step — the current logging assumes everything works.
@/lib/auth Mikko · ETA Fri# Current flow: 3 hops, no useful logging GET /auth/oauth/provider/redirect → bounces to provider GET /auth/oauth/provider/callback → middleware spaghetti GET /auth/oauth/provider/finalize → session-fixation check (legacy) # ↓ new flow: 1 callback, structured logging GET /auth/callback → one handler, one log line per step
Moving the primary database from Postgres 14 to Postgres 16. The driver here is partitioning support — we’ve started seeing query plans deteriorate on the events table and the new built-in row-level partitioning would let us shard by month without giving up the constraint guarantees we’ve been relying on.
Plan is logical replication for the cutover. Estimated downtime: less than 90 seconds for the catchup-and-swap step.
Three focus areas for Q3. Reliability, billing, collaboration — in that order. We’re not chasing the AI-feature wave; instead we’re fixing the boring durability stuff that customers keep telling us about in interviews.
Auth redesign (RFC 042), DB migration (RFC 041), and per-region failover for the document service.
Self-serve workspace upgrades, invoice download in EU formats, VAT validation against VIES.
Backlinks (shipped in v1.4), graph view (shipped in v1.4), and a long-requested public publishing mode for selected pages.
A small, considered surface: pages, links between them, real-time presence, and granular permissions. No marketplace, no 47 block types.
Organise pages into a real tree. Move them with drag, search with /, jump with breadcrumbs. The tree is the index.
See who’s on the page right now, where their cursor is, and whether they’re typing. No “5 unread comments” banner that turns into 47.
Permissions inherit. Set “engineering can edit” on the Engineering folder, override on a sub-page if you need to. No clicking through 12 modals.
Link to a page; both sides know about it. The “Linked from” sidebar shows what references this page, no extra setup.
Drop a Notion export or a Confluence space dump. The tree comes across, pages keep formatting, internal links rewrite themselves.
We don’t auto-summarise your pages, auto-write your meeting notes, or add a chatbot. The canvas is for your words. The product gets out of the way.
Markdown-style keyboard shortcuts that just work. Headings, lists, code blocks, callouts, checklists, links. Slash command for blocks. No twelve-step formatting toolbar.
## for h2, - [ ] for checklist, > for calloutsThe default for most things is async — write it down, let people respond in their own time, only escalate to a meeting if a decision needs to be made together.
If you do schedule a meeting, three rules: have an agenda in the doc, have a written outcome, and have it land on the right page in the wiki. That last one is what makes the wiki stay current — meetings become artefacts, not events.
Set permissions at the right level. They inherit down the tree. Override where you need to. Most teams set one rule and never touch it again.
Default for most teams. New hires don’t have to ask for access.
@everyone · can readSet on the Engineering folder. Inherits to every page inside.
@engineering · can editOverride on a specific page. Just the people you list can edit.
specific users · can editPublish a single page to the world. Read-only, SEO-indexable.
link share · read-only