Simple API Authentication With Authorization Headers in Sinatra

Rails has a really helpful (but not well documented) token authentication mechanism you can use for authenticating your API users. But Rails is overkill for many APIs and so I usually turn to Sinatra. Sinatra doesn’t have much selection when it comes to API authentication. At least not the secure methods I’m interested in. So for my company’s new insurance quoting and licensing API I rolled my own. Here’s how to implement secure token authentication in a Sinatra app.

Read on

Initializing a New Object in Node

Ever used a Node module that was instantiated like so: something = new Something(). We’re used to it with built in types like Date() but how are the developers of Node modules doing this and why would you want to?

Read on

Making Raw HTTP Requests in Node

If you’ve used Node for any amount of time you’ve probably worked with the http module. In most cases people use it to create their own server applications or for interacting with remote APIs. Using it to make API calls is pretty straightforward but if you’re using a newer version of Node (0.10+) then you may be tripped up when you get 400 Bad Request responses from the endpoint you’re communicating with. Here are the two trickiest issues I’ve come across. Hopefully this will help someone else who is scratching their head when they get these mysterious 400 responses back after making what would seem to be a perfectly valid HTTP request.

Read on

Turn a String Into a Hash With String.to_hash in Ruby

When used wisely, metaprogramming in Ruby can be one of the language’s most useful features. During the development of my latest project I had a need to take the results of a very complex MySQL query and turn a string into a hash. Here’s how.

Read on

Fixing Nokogiri Installing Errors on OS X (Again)

Nokogiri will almost always throw some error on you when installing it. I’ve got a new MacBook Pro with a pretty clean slate here so here’s the easy way to fix that.

Read on

Share CSS Between Related Projects With Git Subtrees

I’m currently working on a project that’s very service oriented. That is, we’re building an app through smaller components that fit together to run a larger app. This lets me write small, focused code and use different languages and tools very easily on the backend while end users see one unified app. This isn’t always the best way to do things and there are pros and cons in the monolithic vs. microservices debate but in this case it works well for us. One problem I’ve faced, however, is how to manage our front-end assets that are shared between multiple projects. There are a lot of good options for solving this problem but in the end I chose Git’s subtree feature. Today I’ll give an overview of what the other options are, why we chose subtree over them, and how to use Git subtrees to manage a shared dependency.

Read on

Installing Comodo PositiveSSL Certificates on Nginx

My short write up on how to install Comodo’s Positive SSL cert on Apache got a really great response. Well tonight I’m installing another Positive SSL cert except this time on Nginx. This will be my second time installing a cert on a server running Nginx. It’s slightly different but not very hard. This is a short guide on how to install an SSL certificate (a Comodo PositiveSSL cert to be exact) on a server running Nginx.

Read on

Keep Track of the Latest Grunt Console Output

I’ve been making heavy use of Grunt in all of my projects lately. One thing that I always find annoying is that I can never figure out where the latest output from the Watch task begins and ends. I find myself scrolling up to see just what’s been happening. Luckily, Grunt makes creating new tasks a snap and so I made one to help make very clear where the output from the last Grunt run begins. I’ll give you the code after the jump.

Read on

Ghost: The Overrated Blogging Platform

I’ve recently set up a couple of Ghost blogs to see what this new platform is all about. Ghost bills itself as a simpler Wordpress alternative for people who want to focus on writing. It received a lot of press, got funded through a Kickstarter campaign, and now has a handful of corporate sponsors backing it. Having seen its evolution from the time it was announced through the first beta to the version currently available today I have to wonder if Ghost really is worth anyone’s time. TL;DR: Ghost is overrated. Wordpress isn’t going anywhere.

Read on

Wordpress Settings Page Segfaults Apache

I’ve been struggling for over a month with Wordpress Multisite (aka Network) crashing Apache every time I go to the Network Settings or General settings pages. At first I was convinced that it was a plugin issue but after much research and testing it turns out that you need to be very careful if you configure an FTP user for plugin and theme installation in your wp-config.php file. Here’s how to fix the issue:

Read on