Oauth
Oauth is a system used in authentification on the web nowadays.
The idea is that authenticating is easy, with password and username/email/name/whatever-id-you-want. But this is not secure enough. Plus, people get tired of logging on every site they use.
Oauth came out in 2010, when people were trying to remedy to that problem with different theories, OpenID being one of them.
So in the end, they came up with this way to identify an user on one site, and share that identification on every app authorized by this site and the user.
Let me try to explain the process a bit :
- The app maker registers on the giver’s site (Twitter, Facebook, …)
- The giver’s site give the app maker a private API Token, a code that can be use to identify that app when it talks with the giver’s site.
…Time passes…
- An user comes on the site, tries to log in
- The app redirects to the giver’s site where the user is asked to log in. In the background, the app gives the API Token on the way, as a proof that the user is coming from there.
- The user authorizes his account to be linked/identified on this app. The giver’s saves that decision.
- The giver’s site sends back a User Token to the app.
Now, the app has an API Token and a User Token. Using these 2, the app can ask the giver’s site for info (last tweets? send tweet?), and while this is true, the user is authenticated on the site.
In the end, the user only has to login once, and nobody has the user password or anything. And anytime somebody’s info is asked for, the giver’s site verifies that the asking app has the rights.
This, ladies and gentlemen, is what we played with yesterday ;) This : Tweet from Heroku is an example ;)
Other languages / Frameworks
The world of development is full of a lot (really… a tremendous amount) of languages and frameworks. People don’t use them the same way, in the same places, but I can tell you that to do one thing, you have multiple tools in development.
In DBC, we learn about Ruby, Javascript, HTML, and CSS, mostly. We cover a few framework for each of those too. But in the end, we are not here to learn languages.
No good developer knows one language by heart.
… Let me rephrase and split that that:
- A good developer does not know fully a language, knowing that is what makes him really good.
- A good developer learns new languages/frameworks all the time. One does not “know one”, but learns many.
I try to work on that and get the second part up and running, and that is really fun. Also, using tools made by and for other people is really eyes opening. I love it.
I had ideas about that yesterday and I’m thinking I’ll learn a bit more about the languages I already approached but did not use that much as soon as I have 5 minutes (probably this weekend).
A fun day with Armando
Yesterday, we paired with Armando again.
I was looking forward to it. He has been down for a bit, with a lack of self confidence and some doubts about his skills, and I was looking forward to doing my best to work on helping him with that.
Well, you know what? He f*cking rocks! We had fun the whole day, finished most of the challenges, and the best part :
Teachers did not try and assess him. And if they don’t, that means that THEY don’t doubt him. And one thing that I know :
If the person that’s making it hard on you, teaching you, and taught hundreds before, has no doubt about you… that probably means you should stop doubting and assume you do (not really fully) know what you’re doing.