Anubhav Sinha Anubhav1603

AbstractUmbra / 00-deprecation.md
Last active July 14, 2024 16:01
discord.py 2.0+ slash command info and examples

This gist has now been 'deprecated' and has moved...

... to my blog style space for easier contribution by third parties and to provide what I believe to be an easier reading experience. Please field all enquiries and issues to the source repository.

InterStella0 / HelpCommand_walkthrough_guide.md
Last active June 4, 2024 18:06
Walkthrough guide on subclassing HelpCommand
richardblondet / README.md
Last active July 5, 2024 11:50
Create a simple API backend with Google App Script and a Spreadsheet

Google App Script CRUD

Inspired by this gist.

Getting Started

  1. Create a new App Script project.
  2. Paste the content of the file google-app-script-crud.gs in the default Code.gs file.
  3. Create a new Spreadsheet.
  4. Copy the Spreadsheet ID found in the URL into the variable SHEET_ID located in line 1 of your file.
samsch / stop-using-jwts.md
Last active July 15, 2024 09:26
Stop using JWTs

Stop using JWTs!

TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.

If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" use cases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)

A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/

The reason to avoid JWTs comes down to a couple of different points:

  • The JWT specification is specifically designed only for very short-lived tokens (~5 minutes or less). Sessions