samsch

Stop using JWTs!

TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.

If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)

A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/

The reason to avoid JWTs comes down to a couple different points:

• The JWT specification is specifically designed only for very short-live tokens (~5 minute or less). Sessions

GISmd

ArcGIS Version	Pandas	Numpy	Pip
10.7.1	0.18.1	1.9.3	18.1
10.5	0.18.1	1.9.3	9.0.1
10.4.1	0.16.1	1.9.2	7.0.1
10.3	x	1.7.1	x
10.2	x	1.6.1	x
10.1	x	1.6.1	x

nickrsan

"""
	A Decorator for ArcGIS Python toolbox tools (their execute function) that makes the "parameters" parameter'
	into a dictionary indexed by parameter name.
"""

from functools import wraps

def parameters_as_dict(f):
	@wraps(f)
	def wrapper(*args, **kwargs):

celoyd

# python pca_multiband.py input.jpeg output.tif
# n-band image -> PCA -> n-band TIFF image
# with lots of hackety assumptions
# (e.g., output is same type as input)

from sys import argv
import rasterio as rio
import numpy as np
from sklearn import decomposition

JeffPaine

import json
import requests

# Authentication for user filing issue (must have read/write access to
# repository to add issue to)
USERNAME = 'CHANGEME'
PASSWORD = 'CHANGEME'

# The repository to add this issue to
REPO_OWNER = 'CHANGEME'