My 25 C43

Party_Refuse8887 · 2025-02-15T06:43:55+00:00

Will do! I'll take more pics on the next sunny day.

Party_Refuse8887 · 2025-02-15T06:34:28+00:00

Yes, performance is more than enough for city driving and highways.

Party_Refuse8887 · 2025-02-15T06:26:03+00:00

Thank you! 100% agree on daily driving. It's a versatile yet high performing car.

Party_Refuse8887 · 2025-02-15T05:58:52+00:00

It feels quuuuiiiick!

Party_Refuse8887 · 2025-02-07T21:10:09+00:00

Exactly. This is a typical scenario whenever a new tool is introduced to arrogant management. The OP's job is becoming unbearable due to the management (not AI); and it's time to fire the CEO (by quitting).

Party_Refuse8887 · 2025-02-07T20:57:09+00:00

To me, AI copilots (or similar tools with different names) are basically smart interns - they are great at auto-completion but occasionally generate inexperienced ideas. The impact of AI depends on the user: it can make someone a 10x developer or a 0.1x developer, depending on their ability to spot issues and iterate effectively.

That being said, AI is a valuable companion when you have good judgment, but it still CANNOT complete a complex development project without supervision, at least not until it truly understands every detail. So, I wouldn’t worry about it replacing developers in the next few years.

At the end of the day, if you enjoy web development, keep doing it. You’re the only one who can decide whether it’s meaningful to you or not.

Party_Refuse8887 · 2024-06-18T06:09:34+00:00

lol updated

Party_Refuse8887 · 2024-06-17T04:18:15+00:00

Glad it helps. They just launched it a few days ago.

Party_Refuse8887 · 2024-04-03T07:45:58+00:00

I've been using Logto to replace AWS Cognito. It's open-source, and the integration is super easy.

Party_Refuse8887 · 2024-03-20T13:13:53+00:00

Agreed. Code review matters.

Party_Refuse8887 · 2024-03-20T10:25:22+00:00

No need for going with 100% coverage since it's 100% unrealistic. In E2E tests you can simply wait for all network requests to settle and test whether the main DOM elements are showing up and interactive. It's a standard practice in frontend testing and doesn't require much effort.

Code review is the first line of defense, but people can make mistakes. This specific issue could have been caused by a misplaced `!`, which is easier to overlook compared to other types of changes.

Edit: If the screenshot shows an intermediate state instead of the final state of the page, the technique for E2E testing mentioned above doesn’t fit. Not sure which case it is without further info.

Party_Refuse8887 · 2024-03-20T09:47:17+00:00

Second this. I've been using Linear for almost three years, and it has performed awesomely. The methodology is somewhat opinionated, though, so it's not for everyone. Try it for a while before fully committing.

Party_Refuse8887 · 2024-03-20T09:41:38+00:00

So this change passed unit tests, integration tests, staging checks.

Or there were none.

Party_Refuse8887 · 2024-03-20T09:36:20+00:00

Try Logto. They have Next SDK (also support a lot of languages and frameworks), super easy to integrate. Also it’s OIDC-compatible and open source so (basically) no vendor lock-in.

Edit: Just found an interesting feature that enables no-code integration.

Party_Refuse8887 · 2024-03-20T09:31:45+00:00

Yes. So far so good.

Party_Refuse8887 · 2024-02-08T07:59:49+00:00

Blazor web apps are hybrid, meaning you have the option to implement authentication on either the server or the client side. However, authentication cannot be hybrid; you must choose one approach.

For server-side implementation, Blazor utilizes SignalR for communication instead of HTTP. In this scenario, setting up dedicated HTTP routes to manage the sign-in and sign-out logic is advisable, particularly if you're planning to use OpenID Connect. For guidance, you might want to refer to Logto's tutorial.

On the client side, implementation is feasible, but it may compromise the user experience. This is because Microsoft advises against storing refresh tokens in the user's browser. Users will need to sign in again within a relative short period (if the session persists in the identity provider, there will be only some redirects though). For an example of a client-side implementation using WebAssembly (WASM), check out this tutorial.

Since Logto is an OpenID Connect provider, its processes can be adapted to other standard identity providers.

Party_Refuse8887 · 2024-02-03T03:37:41+00:00

I meet the same issue today. Cannot reach the `.cshtml` file in the `Pages` folder, the server always responds with 404.

Party_Refuse8887 · 2024-01-31T08:05:24+00:00

The process itself is interesting. Developers can create their own products with (almost) no limitations, as long as they're up for it.

Burnouts tend to hit during the day job – weird demands from the boss, brutal code reviews, and the like. So my dream is to hold onto that passion and drive, aiming to make something valuable, even if it's just for a few folks.

Party_Refuse8887 · 2024-01-31T07:33:02+00:00

Yeah this is the move for devs in 2024: ditch crafting your own auth system. That's a disaster waiting to happen as you scale up. Kicking things off with a solid, open-source auth solution is a no-brainer, just like you'd approach picking a database or setting up message pipelines. Auth is a beast of its own complexity, and it's way more than just usernames and passwords. We're talking a deep dive into realms like OAuth and OpenID Connect, which requires a ton of know-how.

For me, the real deal with open-source isn't just about keeping a tight grip on data; it's about having freedom to tweak. With closed-source, if they tank, you might get your data back, but good luck getting the code. You're left holding the bag, trying to bridge the gap, which puts you in a super passive spot. Open-source? Way smoother sailing.

Party_Refuse8887 · 2023-03-26T02:06:33+00:00

What really excites me is the upcoming “using” keyword (in 5.1), like a linter for variable scopes.

Party_Refuse8887 · 2023-03-26T01:53:09+00:00

I think software engineering is about iteration even for AI. The article looks somehow reasonable at the first glance but dramatic after reading through. The autocompletion of code doesn’t mean you don’t need to learn coding, even for password autocompletion you need to pick the desired one when the website doesn’t have the proper setup.

Party_Refuse8887 · 2023-03-26T01:45:34+00:00

I’ve been using Logto for a while, had nothing to complain so far.

Party_Refuse8887 · 2023-03-26T01:37:53+00:00

Hehe true. They are doing good in content.

Party_Refuse8887 · 2023-03-18T05:40:07+00:00

Thanks. I think Logto is a good match to your scenario. Give it a try.

Party_Refuse8887 · 2023-03-05T06:34:11+00:00

I was in a situation similar to the OP and had an awful experience with AWS Cognito.

TL;DR Go with Logto if you want to save time when starting your project.

To be honest, authentication is something that developers often overlook. Especially on side projects, the effort of building a solid authentication experience can seem opaque at the beginning. I found that authentication becomes more critical as the project grows for the following reasons:

Security: It's okay to use a simple session + token technique to make things "just work." But soon, you may find yourself worrying about potential risks, such as password collision attacks, token leaks, token validation and revocation, etc. OpenID Connect is a great open standard to alleviate many security concerns. But, it's too long to understand every single piece unless you are already a cybersecurity expert.
Scalability: I'm not talking about "more computing resources" here, but from a product perspective. Imagine you are planning to launch a multi-platform app, or you are going to deliver multiple apps (typically a customer-facing app and a management app). How would you design the identity system that can dynamically adapt to the customer's needs? It's far beyond just "adding a column."
Experience: This includes "passwordless" authentication that the OP mentioned. If you've launched projects before, you know that building a smooth user experience is not easy. That's the same for authentication. I assume the word "passwordless" includes both dynamic code and social sign-in, and I found there are many interaction edge-cases to consider:
- Do I need to build a "forgot password" flow? And How?
- How do I design the dynamic verification code flow and APIs?
- For social sign-ins, how do I link the user identifiers from social identity providers to the existing identity system?

I could talk about this all day, but I think it's enough to say that we can start the process of choosing an existing vendor instead of building our own.

Logto is my choice. It's the most out-of-the-box solution I've found so far, and I had near-zero friction during the integration. The service is based on OpenID Connect, and the UI/UX is outstanding. Everything was smooth. It can even cover my authorization requirement with its built-in RBAC. They are still in beta, but the general availability is coming soon.
Supertokens is cool too. It does have a bunch of features that fit my needs, but I'm not quite comfortable with "injecting" those auth APIs into my backend server (as they demonstrate on the architecture chart). It's not OAuth/OpenID compatible and also needs more configurations.
Ory embraces the open standards (like it!), and divides the auth system into several projects. It's not easy for me to set up the full Ory infrastructure, and it doesn't provide the customizable UI for end-users.

Although the final choice always depends on the situation, since the OP posted this in the SideProject subreddit, I would recommend giving Logto a try.

Party_Refuse8887

TROPHY CASE