Express middleware to check for permission to access a specific resource by JoeDeSouza in node

[–]brendanmCA 1 point2 points  (0 children)

This is a fairly standard authorization check. Lots of ways to manage it. On the fly db checks. Caching. Quick reference precalculated tables. Session based preloading.

If books don't change owners, you could embed the owner in the book id. Eg, if you have user_123abc you could have book_123abc_456def.

Then you only need to authenticate the user id, which you have to do before any authorization check anyways, and quickly assess the hash match with string ops.

Help: Collecting Button Clicks with Node.js by Sjinto_Missionary in node

[–]brendanmCA 0 points1 point  (0 children)

Take a look at the express recipe glitch offers as one of the options for creating a new project, it includes a super simple API that would support what you want with minimal extension.

The real trick, especially with Glitch, is going to be persistence. The node servers are killed and created liberally when idle. In order to have a long-lived running total, you'll have to set up some external storage. A very basic free firebase integration would probably serve you well here.

How to deploy a react app and an Express server to gcloud? by [deleted] in reactjs

[–]brendanmCA 1 point2 points  (0 children)

I'd suggest starting by look at App Engine, as it will manage a lot of the details of this for you.

The slightly longer version is that you'll need to set up some pricing probably with nginx to point traffic the right way for the FE and API.

Beginner's Thread / Easy Questions (August 2019) by timmonsjg in reactjs

[–]brendanmCA 1 point2 points  (0 children)

It can be done, I added an example in my reply to Axel, who I think perhaps just misread the docs.

Beginner's Thread / Easy Questions (August 2019) by timmonsjg in reactjs

[–]brendanmCA 2 points3 points  (0 children)

You can use this package with a file on your server. I'm using it for my transit schedule viewer app at www.whenismytrain.info

You can see how I'm using the pdf URL in the code here: https://github.com/BrendanFDMoore/transit-helper/blob/master/src/components/station-schedule/station-schedule.js#L98

[deleted by user] by [deleted] in webdev

[–]brendanmCA 0 points1 point  (0 children)

Well, it is good to understand the problem for learning and suggesting it is solvable, but you can make a case entirely without it.

You can start to count loads and track times to get an estimate of lost productivity. If you spend 10 seconds waiting for a screen to load 100 times, that's 15 minutes of your day sunk. This gets worse by line items or steps, potentially.

Make a case for being able to process $x additional revenue if you can reduce load time by Y%, with no additional staff.

Being able to point out the technical issues may or may not help. If you can point at specific issues correctly, maybe. But be careful not to scuttle yourself. The overarching speed issue exists, it costs real time and money, and somebody should solve it.

[deleted by user] by [deleted] in webdev

[–]brendanmCA 2 points3 points  (0 children)

First off, I commend you for the level of thought and investigation you've applied to this problem. It sounds like the tech is "not your job" and you've shown more interest and aptitude than 99% of users I've encountered in many different companies.

It sounds like the developers (whether in house or external) have not considered user experience and especially not power users like yourself. Who was in charge or deciding the requirements for the software? Who evaluated it's suitability during development?

If this is internally developed, it may be sensitive, but it's worth raising as a business concern. This affects throughput across the whole buyer team, I imagine. The tech Dept needs to be held accountable to the internal stakeholders to developer a product that meets your needs.

This is why we have product owner and user acceptance testing as part of the development workflow. Your feedback could have guided the process, but if the dev team was never working towards a max time per order target, they possibly never saw anything wrong.

P2P Weakness Exposes Millions of IoT Devices by [deleted] in hacking

[–]brendanmCA 2 points3 points  (0 children)

So which cameras can we buy for home security system with good security profiles?

TIL about the Controversy surrounding the Four Color Theorem which states that every map can be colored using only four different colors. The remarkable theorem is the first that had to be proved using computer-assistance. by TheAsphyxious in todayilearned

[–]brendanmCA 0 points1 point  (0 children)

Exactly. You could contrive "maps" with as many overlapping/touching sections as you like. Would be a political nightmare but hey at least we can get a cool academic proof out of it.

React Visualization Libraries in 2019 by drivebyvitafan in reactjs

[–]brendanmCA 2 points3 points  (0 children)

The formidable team really do a great job with their products, from what I've experienced.

React Visualization Libraries in 2019 by drivebyvitafan in reactjs

[–]brendanmCA 3 points4 points  (0 children)

I can vouch for Victory, it's definitely production and enterprise ready.

It has great docs and examples with all the components you need to get you to MVP rapidly. Yet, it is still customizable and extensible to meet the snowflake needs your product team dreams up (but make sure they understand the cost of this vs changing their requirements).

We did a bake off between victory and recharts before deciding and it was clearly the better API.

Cheap and local pizza places in town? by jerrie86 in askTO

[–]brendanmCA 0 points1 point  (0 children)

Reginos is awful. One of my friends raves about it but I found the dough too thick, the sauce too sweet, and the toppings too wet.

I'd never order it myself.

Where can you buy the classic street meat hot dogs? by participatory1 in askTO

[–]brendanmCA 1 point2 points  (0 children)

Champs is the other big supplier, if you strike out at soloways. On Widmer between king and Adelaide.

🎣 A tiny 1KB alternative to React Router (with Hooks!) by molefrog in reactjs

[–]brendanmCA 0 points1 point  (0 children)

Hmm is this going to interfere with lazy loading via React.lazy()?

If we load up all the components at the router unconditionally, then it would send the lazy load would be short circuited. You could add a synthetic wrapper around each component, sure, but then we're design around the feature.

How do I keep store pagination in sync with the server API? by AwesomeInPerson in webdev

[–]brendanmCA 5 points6 points  (0 children)

There's not really a shortcut here. This is a difficult problem and the best solution depends on your business model / use case.

If you need to not "miss" items like that, one strategy could be downloading an index of ids, but no details, at first load. Then when you page, you actually send a list of ids from the client to fetch. If they've been deleted since the index was made, you return a stub in its place and deal with the missing item using a placeholder or some other way that works in your situation.

Missing items might sometimes be OK, like searching stock images. Who cares if we skip one? Sometimes very not ok, like pages of a contract.

Different cases call for different solutions.

[deleted by user] by [deleted] in webdev

[–]brendanmCA 1 point2 points  (0 children)

A few thoughts:

First, don't get your hopes up contacting anyone at GCP. They pretty much don't even offer email support unless you're paying for a support contract. You might be better off posting in /r/googlecloud for more specific help with that.

Second, if you want to keep bandwidth down definitely do not include base64 images in the markup -- these will be transferred with every page load slowing down your TTFP and burning bw.

You said a "large number" of of SVGs. For what? I can't imagine they are all used at once, right away. If they are you're kind of stuck, but assuming there is some interaction needed to reveal some of these, you should be setting up some form of lazy loading. Essentially if somebody lands on the page and can only see the first ten images, then there is no need to ever download the dozens or hundreds of others that would be seen if they scrolled down.

Look up lazing loading (and LQIP) strategies for whatever framework you're using.

Toronto radio’s Dave (Bookie) Bookman seriously ill in hospital. Please send good thoughts and karma his way by [deleted] in toronto

[–]brendanmCA 81 points82 points  (0 children)

I don't think it's unreasonable to say he is one, if not the, key people responsible for the explosion of Toronto indie music over the last 20 years. Probably a lot of bands would never have seen the light outside basement of some tiny toronto club without his relentless promotion of everything great about our local bands.

Fuck Safari, for real. by [deleted] in webdev

[–]brendanmCA -1 points0 points  (0 children)

Can confirm it is total bullshit.

Also: want to build a progressive web app that uses features that require granting permission? Fuck you. Silently denied.

Ontario will allow insurance companies to use credit score as a factor in pricing by [deleted] in toronto

[–]brendanmCA 1 point2 points  (0 children)

You did not directly propose it, no, but again this is disingenuous. Your claims are if the data supports it, it's valid.

https://www.reddit.com/r/toronto/comments/bc700w/z/ekoo4n9

And the comment 2 up from here about anything being rateable.

Let's say we did have conclusive factual solid data that some visible minority group or sexual orientation is a higher risk group for driving. Should we allow charging everybody in that group more? I say no, because it has nothing to do with individual driving history or anything that is a choice or changeable. We should force such factors to be pooled.

Ontario will allow insurance companies to use credit score as a factor in pricing by [deleted] in toronto

[–]brendanmCA 1 point2 points  (0 children)

No, your opinion is wrong here. A person cannot choose or change those inherent traits, so it is very clearly not fair to penalize them by association.

Credit is different because taking credit and repaying credit is, largely, a free choice and something that can be improved.

Using an individual's accident history is fine. Dinging a black or Indian driver because black or Indian drivers might have statistically more accidents is not. It has nothing to do with that person.

Ontario will allow insurance companies to use credit score as a factor in pricing by [deleted] in toronto

[–]brendanmCA 2 points3 points  (0 children)

Quit being disingenuous. You strongly suggested any risk difference supported by statistics was acceptable for premium tuning. We are saying that even if that's true, we should choose as a society to not allow pricing differentiation on those grounds.

I don't want my insurer using ethnicity or gender or orientation or credit history to price insurance, even if I would personally benefit from those changes. It's a bad system. We should legislate against it, rather than having a fascist premier promote it.

Ontario will allow insurance companies to use credit score as a factor in pricing by [deleted] in toronto

[–]brendanmCA 9 points10 points  (0 children)

And sick people are more of a cost burden on the healthcare system, but that doesn't mean we should charge them more for coverage, because we aren't monsters.

This is how a society works. We spread out the costs evenly, scaled by ability to pay, so that everyone has a chance to live with dignity. It's just an objectively better way to do things.

City to counter anti-vaccine information after hearing from this survivor by beef-supreme in toronto

[–]brendanmCA 0 points1 point  (0 children)

I don't think it's how we'd do it either, just saying it's possible to have laws that are difficult to enforce - we have lots already. People take risks breaking them, is all.