Any big enough web project has a lot of things which can be configured here and there. What is the current application environment? What port should server be listening for incoming connections? What is our publicly available hostname we should use for links in generated emails? Should SMS messages be sent or just logged to save some money on testing stages? What about reporting data to New Relic, should it be working? All of those are settings.
Another part of configurable parameters are secrets. Starting from session secret which is used to generate secure JWT token and going on to…
Remote was not that popular just a year ago. Is your memory good enough to remember that dark age, hm? As an old fanboy of the remote first culture I remember having endless conversations on this topic with my colleagues, team leaders, bosses and CEO-s of other companies where I did consulting jobs. Many words about “special magic” of the office space and security issues have been said back then. I was not denying them, but making a statement that all of the raised questions are answerable while possible benefits of remote first approach can beat any disadvantages 100 times…
About 2 years ago I wrote an article about making friendship between
create-react-app generated application and simple HTTP server written on Golang. Here is a link to it: https://medium.com/@kimrgrey/integration-of-create-react-app-into-golang-server-47074b8dcd7d. As it was mentioned in responses there new release of
asset-manifest.json almost useless. It contained all the assets names generated by Webpack, but it was not possible to determine which ones are entry points there and should be used to construct HTML file and which ones are just chunks. As a result approach described in original article become irrelevant and not working.
Recently reviewing few different projects I’ve noticed that method
has_secure_token provided by ActiveRecord is used a lot here and there for different kind of situations where it’s actually not very good idea to use it. Specifically, different scenarios of email / role confirmation or even some user authentication flows.
TL;DR. Please, do not use this method for generating reset password tokens or anything like this. That’s it. Now if you would like to know more about why not and how you could replace it then everything written below is for you.
Lately I’ve been spending all my evenings and nights on classic ETL process development. We in Spectoos are migrating users and their data from original version of the app which exists for many years to completely new version we developed recently which is in private beta currently. It’s quite complicated multistep process since our new implementation has completely reworked model under the hood: improved and enriched in comparison to what we had previously.
From the beginning it was decided that once development will be more or less finished we provide some of our users ability to switch and give us…
Let’s say you have API which you want to be available for multiple consumers. For example, your clients are mobile application and web. What do you use for communication between server side and client side developers? You may write down documentation in plain text, use some spreadsheets or whatever you prefer. It’s ok while it works. But it’s good to know that there is pretty standard way for such kind of things — Open API. Previously known as Swagger. You also have other options such as enforced data schemas (gRPC, thrift) or even GraphQL. …
With time and practice I found out that usage of additional shortcuts available in Rails for routing (such as
member , or
collection ) usually makes more damage than good. Especially when project grows up and file
config/routes.rb become pretty nice and self documented way to find out which endpoints are available and what goes where.
In addition to my native feelings about such shortcuts recently I got a task which required separation of available endpoints on “read” and “write”. It was needed to put them under different constraints in URL-s. As a result, for every
I’m not devops or admin. My day to day job is software development. Mainly back-end (Ruby / Golang). Sometimes front-end (React). Additionally I’m dealing with databases, API-s, all the stuff. And I’m here to say that truthfully speaking nowadays it’s not needed to have any knowledge about infrastructure or deployment strategies if you just want to run another one web app. So, why should we, developers, care about devops?
For the beginning, let’s admit that PaaS platforms like heroku.com or now.sh are amazing game changers. They reduced cost of infrastructure support for initial stage of the project dramatically. If you…
UPD: Since this article has been published in 2018 a lot of changes were done to
create-react-app. Some of them were breaking an approach I described here. So recently I published a new article, which contains all the fixes required to make everything work again. Here it is: https://medium.com/@kimrgrey/integration-of-create-react-app-into-golang-server-in-2020-1aff6e93ee5a. It’s still better to start from this one, since it describes in details the idea itself and only after switch to the second one, to know what has to be changed to make it work in 2020. Have fun!
Nowadays create-react-app is de-facto official and definitely most popular way to initialize…
I’ve heard you has been offered to be promoted and your company is actively hiring now. Wanted to talk with you about it.
Even during my student being there was no doubt that software development is a kind of stuff I can, know and love to do. Even after many years in front of keyboard making code is still my job and my hobby in the same time. It’s great, isn’t it? And, as for me, this is the basic recipe of being free. This is your “don’t give a fuck” kind of ticket to the life. What…
Let's get it up and running 👌