Rails has a really helpful (but not well documented) token authentication mechanism you can use for authenticating your API users. But Rails is overkill for many APIs and so I usually turn to Sinatra. Sinatra doesn’t have much selection when it comes to API authentication. At least not the secure methods I’m interested in. So for my company’s new insurance quoting and licensing API I rolled my own. Here’s how to implement secure token authentication in a Sinatra app.
Ever used a Node module that was instantiated like so:
something = new Something(). We’re used to it with built in types like
Date() but how are the developers of Node modules doing this and why would you want to?
If you’ve used Node for any amount of time you’ve probably worked with the
http module. In most cases people use it to create their own server applications or for interacting with remote APIs. Using it to make API calls is pretty straightforward but if you’re using a newer version of Node (0.10+) then you may be tripped up when you get 400 Bad Request responses from the endpoint you’re communicating with. Here are the two trickiest issues I’ve come across. Hopefully this will help someone else who is scratching their head when they get these mysterious 400 responses back after making what would seem to be a perfectly valid HTTP request.
When used wisely, metaprogramming in Ruby can be one of the language’s most useful features. During the development of my latest project I had a need to take the results of a very complex MySQL query and turn a string into a hash. Here’s how.
Nokogiri will almost always throw some error on you when installing it. I’ve got a new MacBook Pro with a pretty clean slate here so here’s the easy way to fix that.
I’m currently working on a project that’s very service oriented. That is, we’re building an app through smaller components that fit together to run a larger app. This lets me write small, focused code and use different languages and tools very easily on the backend while end users see one unified app. This isn’t always the best way to do things and there are pros and cons in the monolithic vs. microservices debate but in this case it works well for us. One problem I’ve faced, however, is how to manage our front-end assets that are shared between multiple projects. There are a lot of good options for solving this problem but in the end I chose Git’s subtree feature. Today I’ll give an overview of what the other options are, why we chose subtree over them, and how to use Git subtrees to manage a shared dependency.
My short write up on how to install Comodo’s Positive SSL cert on Apache got a really great response. Well tonight I’m installing another Positive SSL cert except this time on Nginx. This will be my second time installing a cert on a server running Nginx. It’s slightly different but not very hard. This is a short guide on how to install an SSL certificate (a Comodo PositiveSSL cert to be exact) on a server running Nginx.
I’ve been making heavy use of Grunt in all of my projects lately. One thing that I always find annoying is that I can never figure out where the latest output from the Watch task begins and ends. I find myself scrolling up to see just what’s been happening. Luckily, Grunt makes creating new tasks a snap and so I made one to help make very clear where the output from the last Grunt run begins. I’ll give you the code after the jump.
I’ve recently set up a couple of Ghost blogs to see what this new platform is all about. Ghost bills itself as a simpler Wordpress alternative for people who want to focus on writing. It received a lot of press, got funded through a Kickstarter campaign, and now has a handful of corporate sponsors backing it. Having seen its evolution from the time it was announced through the first beta to the version currently available today I have to wonder if Ghost really is worth anyone’s time. TL;DR: Ghost is overrated. Wordpress isn’t going anywhere.
I’ve been struggling for over a month with Wordpress Multisite (aka Network) crashing Apache every time I go to the Network Settings or General settings pages. At first I was convinced that it was a plugin issue but after much research and testing it turns out that you need to be very careful if you configure an FTP user for plugin and theme installation in your
wp-config.php file. Here’s how to fix the issue: