KeyBloggingKeyBlogging Comments

Astro · multi-site

Astro integration guide

Standard way to install KeyBlogging Comments on Astro (and similar) sites. Use this page as the source of truth for site agents — so every property gets the same site-wide login behavior.

Admin tutorial Dashboard Agent API Home

Current embed cache-bust version: v=6

When KeyBlogging ships embed.js fixes, bump your site’s KEYBLOGGING_EMBED_VERSION (or equivalent) to match.

1. How auth works (site-wide)

One GFAVIP login covers the whole site (same origin), not each post page.

PieceRole
Login popup User signs in on https://my.keyblogging.com → popup postMessages a token to the blog
Blog storage Token saved on the blog origin in localStorage, sessionStorage, and cookie Path=/
embed.js Reads that storage on every post page; posts comments with Authorization: Bearer …
Auth bridge Layout-level listener so login is stored even if embed.js loads late or popup closes fast

Do not expect login to work across www.example.com and example.com — different origins, different storage. Pick one canonical host and redirect the other.

2. Prerequisites in KeyBlogging dashboard

  1. Premium/Team (or super-admin) account on https://my.keyblogging.com
  2. Create company + blog with a stable slug (e.g. miksblogdesign)
  3. Set blog domain to the public host only: mikesblogdesign.com (no https://)
  4. Note blog slug + use post slug = page slug (e.g. coffee, calendar2026)

3. Per-post embed snippet

On every article/page that should show comments:

<!-- data-* lets embed.js re-bind after Astro soft navigation -->
<div
  id="keyblogging-comments"
  data-blog="YOUR-BLOG-SLUG"
  data-post="YOUR-POST-SLUG"
></div>
<script
  src="https://my.keyblogging.com/static/embed.js?blog=YOUR-BLOG-SLUG&post=YOUR-POST-SLUG&v=6"
  async
></script>

Example (mikesblogdesign):

<div id="keyblogging-comments" data-blog="miksblogdesign" data-post="coffee"></div>
<script
  src="https://my.keyblogging.com/static/embed.js?blog=miksblogdesign&post=coffee&v=6"
  async
></script>

Suggested Astro helper

// src/utils/keyblogging.ts
export const KEYBLOGGING_APP = "https://my.keyblogging.com";
export const KEYBLOGGING_BLOG_SLUG = "your-blog-slug";
/** Bump when KeyBlogging ships embed.js updates */
export const KEYBLOGGING_EMBED_VERSION = "6";

export function keybloggingEmbedSrc(postSlug: string) {
  const q = new URLSearchParams({
    blog: KEYBLOGGING_BLOG_SLUG,
    post: postSlug,
    v: KEYBLOGGING_EMBED_VERSION,
  });
  return `${KEYBLOGGING_APP}/static/embed.js?${q}`;
}

4. Cache-bust version constant

Browsers cache embed.js aggressively. Always pass &v=…. When KeyBlogging releases embed fixes, bump KEYBLOGGING_EMBED_VERSION on every Astro site (or set it from an env var shared across repos).

Current recommended value: 6

5. Site-wide auth bridge (required)

Load once in the root layout (every page — not only posts with comments). This catches postMessage from the login popup and writes site-wide storage.

Component sketch: KeybloggingAuthBridge.astro

---
// Include in BaseLayout / every layout that wraps pages
const APP = "https://my.keyblogging.com";
---
<script is:inline define:vars=>
(function () {
  var TOKEN = "keyblogging_embed_token";
  var USER = "keyblogging_embed_user";
  var DAYS = 180;

  function cookieSet(name, val) {
    if (!val) {
      document.cookie = name + "=; Path=/; Max-Age=0; SameSite=Lax";
      return;
    }
    document.cookie =
      name + "=" + encodeURIComponent(val) +
      "; Path=/; Max-Age=" + (DAYS * 86400) + "; SameSite=Lax";
  }

  function persist(token, username) {
    try {
      if (token) {
        localStorage.setItem(TOKEN, token);
        sessionStorage.setItem(TOKEN, token);
        cookieSet(TOKEN, token);
        if (username) {
          localStorage.setItem(USER, username);
          sessionStorage.setItem(USER, username);
          cookieSet(USER, username);
        }
      } else {
        localStorage.removeItem(TOKEN);
        sessionStorage.removeItem(TOKEN);
        localStorage.removeItem(USER);
        sessionStorage.removeItem(USER);
        cookieSet(TOKEN, null);
        cookieSet(USER, null);
      }
    } catch (e) {}
    try {
      var bc = new BroadcastChannel("keyblogging-auth");
      bc.postMessage({ type: "keyblogging-auth", token: token || null, username: username || null });
      bc.close();
    } catch (e) {}
  }

  function accept(data, origin) {
    if (!data || data.type !== "keyblogging-auth" || !data.token) return;
    try {
      if (origin && new URL(origin).hostname !== new URL(APP).hostname) return;
    } catch (e) { return; }
    persist(data.token, data.username || null);
  }

  window.addEventListener("message", function (ev) {
    accept(ev.data, ev.origin);
  });
})();
</script>

Include the bridge in both (or all) layouts so marketing pages and posts share the same auth listener.

6. Canonical host (required)

Redirect www + http → one HTTPS apex (or one www — pick one).

Netlify netlify.toml example

[[redirects]]
  from = "http://www.example.com/*"
  to = "https://example.com/:splat"
  status = 301
  force = true

[[redirects]]
  from = "https://www.example.com/*"
  to = "https://example.com/:splat"
  status = 301
  force = true

[[redirects]]
  from = "http://example.com/*"
  to = "https://example.com/:splat"
  status = 301
  force = true

7. Astro view transitions / soft nav

8. Optional theme CSS

#keyblogging-comments {
  --kb-fg: inherit;
  --kb-muted: #6b7280;
  --kb-border: #e5e7eb;
  --kb-bg: transparent;
  --kb-accent: #111;
  --kb-radius: 8px;
  --kb-font: inherit;
}

Site-specific look = Astro/site CSS. Embed behavior & defaults = KeyBlogging.

9. Agent checklist & test plan

Implement

Test

  1. Hard refresh a post (Cmd+Shift+R)
  2. Login with GFAVIP → see “Signed in as @…”
  3. DevTools → Application → keyblogging_embed_token in localStorage and Cookies on apex domain
  4. Open a different post on the same host → still signed in
  5. Post a comment / reply

10. Troubleshooting

SymptomFix
Login works then gone on next page Auth bridge missing; or www vs non-www; or old embed without v=
Token only on my.keyblogging.com storage Expected in the popup. Blog must get token via postMessage → bridge/embed
CORS / post fails with origin error Dashboard blog domain must match host (e.g. mikesblogdesign.com)
Stale embed bugs Bump v= / KEYBLOGGING_EMBED_VERSION
Need to re-login every ~6 months Embed token TTL (default 180 days). Re-login once.

For AI site agents — paste this goal:

Integrate KeyBlogging Comments per https://my.keyblogging.com/docs/astro
- Blog slug: <SLUG>
- Domain: <apex host>
- Embed version: 6
- Include KeybloggingAuthBridge in layouts
- Canonical www/http → https://apex
- data-blog / data-post on comments div
- Cache-bust embed.js with v=6