add an error message just in case

app/pages/bot/accounts_add.py

@@ -81,7 +81,8 @@ def bot_accounts_add(mysql, cfg):
 				username = client.account_verify_credentials()['username']
 				if username != session['username']:
 					error = "Please authenticate as {}.".format(session['username'])
-					print("Auth error - {} is not {}".format(session['username'], username))
+					if username.lower() == session['username'].lower():
+						error += " Make sure you capitalised the name properly - @user and @USER are different."
 					return render_template("bot/accounts_add.html", error = error)
 			except:
 				session['step'] = 1

app/webui.py

@@ -1,4 +1,4 @@
-from flask import Flask, render_template, session, request, redirect, url_for, send_file
+from flask import Flask, render_template, session, request, redirect, url_for, send_file, jsonify
 from flask_mysqldb import MySQL
 
 from mastodon import Mastodon
@@ -370,6 +370,11 @@ def img_bot_generic():
 def favicon():
 	return send_file("static/favicon.ico")
 
+@app.route("/.well-known/webfinger")
+def webfinger():
+	return render_template("webfinger.json", base_uri = cfg['base_uri']), 200, {'Content-type':'application/json'}
+
+
 def bot_check(bot):
 	# check to ensure bot is owned by user
 	c = mysql.connection.cursor()

db/setup.sql

@@ -76,3 +76,5 @@ CREATE TABLE IF NOT EXISTS `contact_history` (
   `reply` BOOLEAN DEFAULT 0,
   FOREIGN KEY (`user_id`) REFERENCES users(id) ON DELETE CASCADE
 ) ENGINE=INNODB;
+
+you need to generate an RSA key and store it in a new table for authorised fetches