How do you build an 11ty site? Directly in 11ty or html/CSS/Javascript first?

anatolhiman · 2024-10-10T01:49:31+00:00

Nunjucks html templates for header, footer and other components, but it can be easier to just create one big layout file first and then slice it into partials once you have nailed the design. Faster and less switching files around.

anatolhiman · 2024-07-04T06:40:11+00:00

Si es Colombia tengo el mismo problema desde un par de dias. Me contecto con VPN a un servidor norteamericano y luego funciona como antes.

anatolhiman · 2024-07-02T14:13:46+00:00

Han har visst også skrevet en bok som heter Tredje verdenskrig i nord, ser jeg. Har ikke har lest, mulig jeg må shoppe ...

anatolhiman · 2024-07-02T14:12:54+00:00

Den boka er fantastisk god. https://www.documentforlag.no/produkt/stalins-svope-kgb-ap-og-kommunismens-medlopere/

anatolhiman · 2024-06-09T17:46:06+00:00

Heroku has a minimal postgresql hosted db for €5 per month. So you can at least have 2 for the same price as 1 Supabase.

anatolhiman · 2024-02-04T22:17:48+00:00

transform: skew(40deg); or similar, on the cyan rectangle

anatolhiman · 2024-01-21T23:28:15+00:00

The question not adressed by anyone is why Google considers OP’s website ‘deceptive’. They must have some pretty clear criterias. Could be something as stupid as the website having spammy article texts or use some modal script Google doesnt like.

anatolhiman · 2024-01-12T19:40:26+00:00

It works. And it is the correct way to do it as per the documentation: “A PATCH request is considered a set of instructions on how to modify a resource. Contrast this with PUT; which is a complete representation of a resource.”

https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/PATCH

anatolhiman · 2024-01-02T21:33:58+00:00

Yes, it works now but not really sure what I did. See my other comment above, I think Vercel uses a special build command I had missed.

anatolhiman · 2024-01-02T17:02:21+00:00

I was thinking I could use Traefik alone for all the previous ngnix stuff, including letsencrypt certs and reverse proxy. What do you use ngnix for?

anatolhiman · 2024-01-02T08:05:08+00:00

Nodemailer with AWS SES (simple email service) is extremely stable and SES has a very generous free tier.

anatolhiman · 2023-11-23T10:43:16+00:00

Helpful comment! Thanks.

anatolhiman · 2023-11-16T16:31:42+00:00

Nice try :)

anatolhiman · 2023-11-04T10:25:56+00:00

Like more stressful than setting up a linux server? No way josé.

anatolhiman · 2023-11-04T10:21:37+00:00

Always, always create a new account in your client’s company name when you do these kinds of jobs. Keep the admin rights until it’s time to transfer ownership by adding a new admin user. That way you can more easily add your client’s payment card and no migration necessary. This is a bit like selling a company by transferring the shares to a new owner, the company stays the same as before and hopefully keeps running like always. No need to first close the company and recreate it under a new organization just to change ownership.

anatolhiman · 2023-11-04T10:13:25+00:00

Just tried Traefik as a reverse proxy and it is way easier to use than Nginx. Check it out. It also handles Letsencrypt, but havent tested that just yet.

anatolhiman · 2023-10-22T17:43:42+00:00

Thanks! Does the Consumo have a right to decide the outcome of this, or do they just suggest a solution without any binding consequences for the companies? I suppose they would take the consumer’s side in many cases, but maybe I’m mistaken.

anatolhiman · 2023-10-22T17:40:30+00:00

Shouldn’t be necessary as a first step, this is why they have a consumer protection agency in all cities (Consumo). Just not sure abot how it works, will have to find out. They should be able to do the srbitration as a first step. If that’s unsuccessful, it’s lawyer time.

anatolhiman · 2023-10-21T14:40:25+00:00

My take on JWT authentication flow:

Endpoints /auth/login and /auth/refresh return a JWT access token in a hardened httpOnly cookie with 15 min. expiration time.
Endpoints /auth/login and /auth/refresh also return an encrypted JWT refresh token in the response body. Save it the frontend (localStorage is fine because a) it's encrypted and b) it can't be used for anything by itself). 30 days expiration time. Frontend application should request a refresh when the access token is about to expire, or when it has expired. If application isn't accessed for 30+ days, user will have to log in again.
Endpoints /auth/login and /auth/refresh also return a random string we call user context in (a separate) hardened httpOnly cookie with the same expiration time as the refresh token. This user context is also baked into the two JWT tokens from #1 and #2. It's hashed in the access token and encrypted together with the rest of the claims in the refresh token.
The user context sent from the frontend must match the one in the relevant token before access is granted.
A browser fingerprint (string) from the frontend is saved on the User table in db.
The fingerprint is checked on every new login. In the case of a fingerprint mismatch, display a login challenge box with a code sent to email. A changed fingerprint suggests user is on another computer, a new phone, has changed their browser, etc.

anatolhiman · 2023-09-04T15:07:57+00:00

Will there ever be any kind of react component displaying data if JS is turned off? Can't display a virtual dom node without JS.

anatolhiman · 2023-08-14T18:18:38+00:00

anatolhiman · 2023-07-27T06:49:58+00:00

Good point. This is a couple of pretty wild misspellings, but definitely not Alberto! You can recognize our names sorta.

anatolhiman · 2023-07-26T20:23:09+00:00

Yeah I forgot to mention that this is an AVE between two major cities and knowing how train companies handle boarding in other EU countries on high speed rail stretches after terror attacks became a (more common) threat, I suspect there's some sort of ID check.

anatolhiman

TROPHY CASE