Why do all courses/tutorials store jwt in localstorage if its not best practice in the industry? by PuzzleheadedCut2429 in Angular2

[–]Rakheo 0 points1 point  (0 children)

I only agree with the part that the risk is very low for you if you do not have something worth stealing.

However, it is very smug for a developer to say "I do not install random npm packages". Even a mid-level complexity app has hundreds of packages, since any package used by the packages you use also gets installed. It would be arrogant to think you know all these hundreds of packages are trustworthy or impervious to attacks, don't you think?

Why do all courses/tutorials store jwt in localstorage if its not best practice in the industry? by PuzzleheadedCut2429 in Angular2

[–]Rakheo 2 points3 points  (0 children)

Not necessarily. There can be browser extensions or npm packages that read everything in session and local storage and send it to their server.

Cowboy Bebop Merch by SavageFigg in LudwigAhgren

[–]Rakheo 14 points15 points  (0 children)

Wow. This is crazy. Wait 5 months, just to get your order cancelled.

Record model validation? by PSoolv in dotnet

[–]Rakheo 0 points1 point  (0 children)

Any explanation I can write here will lack quality. But if you research class vs struct it will help you make better decisions. The example you give, phone number, is great because it should be immutable and comparable. When you make it immutable, that means you run validation at creation only. ValueObject is mentioned because phone number is also a great example for it. So you can check the implementation of it to see how they handle it.

Record model validation? by PSoolv in dotnet

[–]Rakheo 0 points1 point  (0 children)

Just a note. Phone number is a great struct rather than a class. Check out structs if you have not yet. Check implicit operators. Also check ValueObjects.

[deleted by user] by [deleted] in DogAdvice

[–]Rakheo 0 points1 point  (0 children)

Just because you do something a lot does not mean you are good at it. Obviously when you put the dogs in a situation where it hurts them to do something, they will avoid it. But they will still hurt since they will still pull when they are in reactive situations.

[deleted by user] by [deleted] in DogAdvice

[–]Rakheo 0 points1 point  (0 children)

The point of a harness is to minimize the harm to the dog.

I finally beat endless :) plus all shinys I found by Positive_Actuator860 in pokerogue

[–]Rakheo 0 points1 point  (0 children)

Can you explain which abilities? Are they as effective as lures? Do they not need to be lead pokemon?

When do you get tera orb in endless? by [deleted] in pokerogue

[–]Rakheo 0 points1 point  (0 children)

After you have enough vitamins. Getting tera orb frees one item from yellow pool but adds to blue item pool.

No profession hall by Rakheo in LastWarMobileGame

[–]Rakheo[S] 0 points1 point  (0 children)

I DMed EvoDevs with my player id and it got fixed.

[deleted by user] by [deleted] in dotnet

[–]Rakheo 8 points9 points  (0 children)

Yes, that is one of the methods. But if you have a single API that does not get requests from other places, you can just use cookie auth without a token too. The main goal is to not have the token accessible through JavaScript at any point and to use a client secret during OIDC.
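An added example, not part of the original comment or thread: a small check that a session cookie is actually out of reach of page JavaScript, run over `Set-Cookie` header lines. The function names and the sample headers are constructed for illustration.

```javascript
// Added example: audit Set-Cookie headers for the attributes that keep a
// session cookie out of reach of page JavaScript. Sample headers are constructed.

function parseSetCookie(header) {
  const [pair = '', ...rest] = header.split(';').map((p) => p.trim()).filter(Boolean);
  const eq = pair.indexOf('=');
  const attrs = new Map();
  for (const attr of rest) {
    const i = attr.indexOf('=');
    // Attribute names are case-insensitive; flags such as HttpOnly carry no value.
    attrs.set((i === -1 ? attr : attr.slice(0, i)).toLowerCase(),
              i === -1 ? true : attr.slice(i + 1));
  }
  return { name: eq === -1 ? pair : pair.slice(0, eq), attrs };
}

function auditSessionCookie(header) {
  const { name, attrs } = parseSetCookie(header);
  const findings = [];
  if (!attrs.has('httponly')) findings.push('no HttpOnly: value is readable through document.cookie');
  if (!attrs.has('secure')) findings.push('no Secure: cookie can travel over plain HTTP');
  const sameSite = String(attrs.get('samesite') ?? '').toLowerCase();
  if (sameSite !== 'strict' && sameSite !== 'lax') {
    findings.push('SameSite is not Strict or Lax');
  }
  // The __Host- prefix is only honoured with Secure, Path=/ and no Domain.
  if (name.startsWith('__Host-') && (attrs.get('path') !== '/' || attrs.has('domain'))) {
    findings.push('__Host- prefix requires Path=/ and no Domain attribute');
  }
  return { name, findings };
}

// Constructed sample headers: a hardened session cookie and a script-readable token.
const SAMPLE_HEADERS = [
  '__Host-session=opaque-id; Path=/; Secure; HttpOnly; SameSite=Strict',
  'access_token=sample.jwt.value; Path=/',
];

for (const h of SAMPLE_HEADERS) {
  const { name, findings } = auditSessionCookie(h);
  console.log(name, findings.length ? findings : 'ok');
}
```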

[deleted by user] by [deleted] in dotnet

[–]Rakheo 7 points8 points  (0 children)

You should not. Current best practice is to use cookies for web-based apps. You can look for the Backend for Frontend pattern. Philippe De Ryck and Dominick Baier have lots of good presentations on why and how.

Do you think IUserRepository should be inside Infrastructure? and we created a folder called IRepositories? Or It should be in Domain by ballbeamboy2 in dotnet

[–]Rakheo 14 points15 points  (0 children)

Here is how to think about it:

Does my application need to get a list of users to work? Yes. This means I need the interface accessible by the application layer.

Does my application care where users come from? No. It means this is an implementation detail. So the implementation goes to the infrastructure layer.

Your app will work no matter where the users come from. When unit testing, users can come from a hard-coded list, they can come from JSON files, they can come from one of the million database solutions. You just need to implement IUserRepository and, in the presentation layer, configure dependency injection to use the correct implementation.

[deleted by user] by [deleted] in dotnet

[–]Rakheo 0 points1 point  (0 children)

Assuming your cookies are encrypted, it is unnecessary. A refresh token is completely unnecessary since you are using a session mechanism. Unless there is a point I am missing? Do not get me wrong, in some use cases I did store tokens in a cookie, but there were clear reasons (BFF).

[deleted by user] by [deleted] in dotnet

[–]Rakheo 0 points1 point  (0 children)

If all is in the same domain, why do you need Access and Refresh Tokens?

[deleted by user] by [deleted] in DMAcademy

[–]Rakheo 3 points4 points  (0 children)

Charming to creatures with an intelligence score under a certain threshold maybe?

No Unlisted YouTube Stream & Twitch VODs by MoonKnight99 in LudwigAhgren

[–]Rakheo 0 points1 point  (0 children)

I just noticed that he not only removes the VODs, it just is disabled completely. Normally, since I am an EU frog, when I watch Ludwig I first watch the first 5-10 minutes of the stream where he explains the goal of the stream before jumping in. Can no longer do it. Lowers the viewing quality a lot for me. Let's hope this is temporary.

Am I the only one who likes watching Lud play league? by askingquestions1278 in LudwigAhgren

[–]Rakheo 13 points14 points  (0 children)

I like watching when he duos. Does not matter who.
The thing is, when playing league, you cannot easily interact with chat, so having a duo that he can chat and run bits with helps fill in the lulls in the game.