🍊
Eating mandarin oranges

HAKASHUN HAKASHUN

@samsch
samsch / stop-using-jwts.md
Last active April 23, 2024 05:47
Stop using JWTs

Stop using JWTs!

TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.

If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" use cases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)

A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/

The reason to avoid JWTs comes down to a couple of different points:

  • The JWT specification is specifically designed only for very short-lived tokens (~5 minutes or less). Sessions
@jamesknelson
jamesknelson / component-routing.js
Last active March 19, 2019 11:22
Two APIs for routing with React that support POST methods and SSR.
/**
UPDATE:
This component and hook based routing/fetching API won't work, as `useAsync()`
is an impossible component.
In order to use async functions to respond to route changes, the functions will
need to be registered with a parent cache/provider with a unique key. As such, a
more natural component-based architecture would involve a `<Route path>` component
@gpeal
gpeal / SimpleDemo.kt
Last active August 28, 2018 17:54
Airbnb MvRx Early Look
data class SimpleDemoState(val listing: Async<Listing> = Uninitialized)
class SimpleDemoViewModel(override val initialState: SimpleDemoState) : MvRxViewModel<SimpleDemoState>() {
init {
fetchListing()
}
private fun fetchListing() {
// This automatically fires off a request and maps its response to Async<Listing>
// which is a sealed class and can be: Uninitialized, Loading, Success, and Fail.
// Swift's untyped errors are a goddam PiTA. Here's the pattern I use to try to work around this.
// The goal is basically to try to guarantee that every throwing function in the app throws an
// ApplicationError instead of some unknown error type. We can't actually enforce this statically
// But by following this convention we can simplify error handling
enum ApplicationError: Error, CustomStringConvertible {
// These are application-specific errors that may need special treatment
case specificError1
case specificError2(SomeType)
@FranklinYu
FranklinYu / README.markdown
Last active May 5, 2024 15:24
links for old versions of Docker for Mac (inspired by docker/for-mac#1120)

links for old versions of Docker for Mac

Deprecated

Docker provides download links in the release notes. They promised that

(we) will also include download links in release notes for future releases.

Note:

@heygambo
heygambo / dev.env.js
Created October 27, 2016 20:06
Environment variables for vue webpack frontends
// src/config/dev.env.js
export default {
GOOGLE_MAPS_API_KEY: 'THE KEY'
}
@onevcat
onevcat / localizedKey.swift
Created October 21, 2015 08:33
Extension
extension UILabel {
@IBInspectable var localizedKey: String? {
set {
if let s = newValue {
text = NSLocalizedString(s, comment:"")
}
}
get {
return text
@harrastia
harrastia / decorator
Last active August 29, 2015 14:21 — forked from zourtney/decorator
Adapted decorator to work in Angular 1.3.8
// Decorator adapted out of Angular 1.3.8
// https://github.com/angular/angular.js/blob/v1.3.8/src/ng/rootScope.js#L196
.config(['$provide', function($provide) {
// Minification-safe hack.
var $$watchers = '$$watchers',
$$nextSibling = '$$nextSibling',
$$childHead = '$$childHead',
$$childTail = '$$childTail',
$$listeners = '$$listeners',