Showing 5 posts by,

Alexis Hevia

Working with US time zones always gets me confused. I am not sure if it is especially hard for me because I grew up in a country with a single time zone and no daylight saving time, or if it is just hard for everyone. Either way, I decided to write a simple command line tool to make it a little easier: timezones-cli. To use it, you first install it with npm: npm install -g timezones-cli Then you can convert any datetime (in ISO-8601 format) to th

Imagine you are writing a basic to-do list in Vim: - Write a failing test - Make the test pass - Refactor When you finish the first task, you want to add a check mark next to it: ✓ Write a failing test - Make the test pass - Refactor To do this in vim, you can use the following command: i Ctrl+v u2713. Let us break that down: i go into INSERT mode Ctrl+v go into ins-special-keys mode u2713 insert the Unicode character CHECK MARK (U+2713) You mi

There are 3 basic rules for keeping user credentials secure: NEVER store passwords as plain text. ALWAYS use a random salt when encrypting passwords. DO NOT roll your own crypto. Lucky for us, the pgcrypto module in PostgreSQL makes it very easy to follow these rules. Let us take a look at an example. First, we need to enable pgcrypto: CREATE EXTENSION pgcrypto; Then, we can create a table for storing user credentials: CREATE TABLE users ( id

Many applications require keeping track of when database records are created and updated. In PostgreSQL, we can track creation date by adding a created_at column with a default value of NOW(). However, for tracking updates, we will need to make use of triggers. Triggers allow us to define functions to be executed whenever a certain type of operation is performed. In this case, we will need to make sure that before any UPDATE operation, PostgreSQL

I recently had to build a RESTful backend for a new application and had to decide which authentication mechanism to use. Typically, I would use HTTP sessions. However, this app was going to have both web and mobile clients, and I had been reading about how JSON Web Tokens (JWT) have become the de-facto authentication mechanism for mobile apps, so I decided to give them a try. As I started doing some reading on JWT, I was a bit surprised by the l