Details
-
Aboutstudying working
Joined devRant on 10/13/2017
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Work! Terribile doubt about our project 😭i will leave this company if we do not come up with an adult solution 😔
We are working for another Company, they asked to add a web app to their project.
We made frontend and backend, we make user auth to their api, then call their api (place order, get orders etc), passing their auth token to their services.
Which Means that our endpoints are not really protected (i think) and if we add an endpoint that does not use their api, the only way to secure them Is to take the token, validate It by calling for example get /order of the api and if It fails just discard the request....too slow?
my colleagues do not want to put a serious auth they Just want to use the company api and leave the rest open...
And the customer Just asked to use some other api functionality, but that api has another auth... How do we pur them togheter? The last api want the id of the user to do machine ti machine auth
It Is my 6th month here no one thaught me anything, i think i'll Just leave ..or am i Just experiencing the developer Daily work?😔7 -
Morning, start work, play a song for concentrating 🔥.
Calls the CEO 🦸 stop the song, answer, play, calls the PM 🧞 stop, answer, play, calls the stagaire 🧚 calls colleague🏃calls supplier🤺 song is at 1:00, restart song, song is too good to listen like this, play from the beginnig, calls the CEO 🦸 -
For persistence, either credentials or data, is there any best practice that prefer DATABASES over FILES? Files such as JSON or txt or whatever...
Do dbs offer better perfomance or security?💾5 -
Let's Say you use tokens as authorization method.... The First time you generate the token you still have to manage password and other data....how secure (tinfoil hat mode activate) do you implementat that usually?1
-
Problem with people asking us to repair things is that sometimes we don t know how to do it.
It's always closed source or you need to be aquainted with a weird new app/social network you never used. -
-"Need to install a program, but dont have a browser!"
-"Use other computer and USB stick"
-"Do i pass the icon?"2 -
Commons sense/ best practice:
Is It ok ti initialize (angular) variabile as {id:" ", name:" ", ..} to avoid errors in the browser console such as "can't get ID of undefined"?
My concern is code readability and debugging, is not ok for the ones looking at the browser console to have such useless errors, on the other side you have to initialize some variables with object that have a lot of keys(id name ecc...) Whith empty fields...useless.
The apps work both cases, whit or whitouth initialization.
By the way we are getting such data by api calls later on.3 -
How often should career advancement/raise happen and how much money should It be?
Is It fixed? I heard something like "every year level++, which means money+5%"4
