343: cpshots

We’ve been naming all our services cp____ lately. Get it? cp is short for CodePen. Clever, I know. We have many such services. The latest to join them is cpshots. We’ve been doing our own screenshotting for a long time now, but like all software we’re always working on it for various everchanging reasons.

Robert and I discuss this last round of changes to this service. Part of the purpose of this round is that we wanted to bring image resizing in-house to keep costs down. We need screenshots in various sizes because we literally show them in different circumstances at different sizes, but also because of the responsive images syntax. That resizing we do with sharp via a Lamda. But we only want to do it once! That is, whenever a Pen has changed and the screenshot needs to be regenerated. In order to do that, we send the requests to a Cloudflare Worker which, through the KV store, knows if we already have the screenshot or not. If yes, send it along. If no, head over 1) the screenshotting service to get the screenshot 2) the Lambda for resizing it 3) over to S3 to store the images 4) back to the Cloudflare Worker to serve it.

It’s a lot of moving parts! But they are all very smart, simple, tuned parts that are designed to do what they do well. The best parts, for us, is that this project was a great excuse to give Robert a trial-by-fire of a fairly complex tech stack, and that we made literally every part of it work on both development and staging. Making sure every service of CodePen runs locally means that there is no secret magic, we can all work on it and see it working.

Time Jumps

01:03 Rolling out large infastructure to an audience

04:18 Creating different size images ourselves

05:30 What were the moving parts?

06:54 Using AWS Lambda

09:31 4 sizes of screenshots at CodePen

12:29 Sponsor: Jetpack & WooCommerce Sales

13:24 How did we architect this?

16:06 Our local dev environment

19:45 Making other improvements besides the primary one

27:16 Lessons learned

Sponsor: Jetpack and WooCommerce Black Friday Sales

Huge sales in WordPress land! As we write, there is less than 4 days left in the Jetpack Black Friday Sale, which is 60%+ off all Jetpack products and plans for your first year. Over in WooCommerce land, nearly everything in the entire WooCommerce marketplace is 40% off and there is less than 6 days left. It’s worth it to spend a little time thinking ahead about what you might need for the year ahead as these deals are pretty massive.

The post 343: cpshots appeared first on CodePen Blog.

Top Ten Vue Templates to Choose in 2021 | FrontEnd Matters!

Introduction
Vue’s Pros and Cons
Top Ten Vue Templates
How to Easily Build CMS for Your Vue Project
Conclusions

Introduction

There is no construction that can be completed without the proper tools. And that statement is not only true when it comes to actual physical constructions. It is just as true when it comes to web applications. In order to make a worthwhile web project, you will also need proper and fitting tools. And, in that regard, there is no more fitting tool than VueJS.

That is why we here at Flatlogic have decided to pay our respects to this wonderful framework by compiling a list of ten VueJS templates that we can legitimately call the top ones.

But, in order to do so, a quick rundown of what VueJS is, what its pros and cons are, is definitely in order. So, without further ado, let’s get to it.

Vue’s Pros and Cons

We are sure that in real life you are more than familiar with Vue. But in order to do this fascinating theme justice, let’s imagine for a moment that you, dear reader, know absolutely nothing about it And, on such an occasion, the most fitting starting point would be to define Vue in order to understand what kind of a beast we are dealing with here.

So, what is Vue? Also known as VueJS, it is an open-source front end JavaScript framework with a model-view-viewmodel architectural pattern. Vue is widely used for building user interfaces and single-page apps, as well as desktop and mobile apps in connection with the Electron framework.

Knowing the definition of VueJS will help us better understand its pros and cons, which we now propose to consider in detail.

Firstly, let’s look at Vue’s pros:

1.    Vue is small. And this point will be just as small. Vue weighs only 18 kilobytes in its .zip form. This tiny size contributes not only to its fast downloading but also to its fast installation and positive impact on your SEO and UX.

2.    Two-way data binding. This advantage of VueJS goes hand in hand with another pro – usage of Virtual DOM. But we are going to look at the latter in a moment.

Two-way data binding is the inheritance Vue has from Angular, as Vue’s creator – Evan You does not make any secret of the fact that Vue was an attempt to take all the positive aspects of Angular and create a better and lighter version of it. And as two-way data binding – a connection between model data updates and view, is one of the best features of Angular, it has been added to Vue. The model by which two-way data binding works can be seen in the picture below:

Why is it one of the best features? The explanation is simple – in one-way data binding, the data-containing components can be updated only from time to time, while with two-way data binding it is easier to update such components as you go along and track the updates in this data. So, developer-wise, the process of updating is much clearer and easier to complete. However, such a method has its own disadvantages, which we will discuss in the “Cons” section of this part.

3.    Virtual DOM. By itself, DOM, which stands for the Document Object Model, is an inherent part of any front end development framework, which represents any given part of an XML or HTML document in a tree structure. And, despite its undeniable importance, updating DOM, which is unavoidable when making updates to the information, can be best described as burdensome and time-consuming. So, in order to save your valuable time, VueJS utilizes virtual DOM – more or less a virtual copy of an original DOM that figures out what elements to update, without re-rendering the whole DOM. This helps considerably speed up the process of rendering as well as improves the app’s performance in general. Another thing that should be mentioned is that although in most cases performance depends more on code optimization and quality, an app’s performance is, nonetheless, one of the most important factors when choosing the framework to build your project with.

4.    Readability and single-file components usage. To put it in layman’s terms, in Vue each and every piece of your project is a component that represents an encapsulated element of your project’s interface. Such a way of managing app’s code is called component-based architecture, or CBA for short, and it is utilized not only by Vue, but also by such prominent web development players as React and Angular, as we said before and there are a couple of benefits to such a structure:

·       Reusability of components. As all of the elements are encapsulated, they can be easily redistributed and reused in other projects;

·       Readability. Vue’s components are stored separately in their own files, making it exceptionally easy to search for them and, more importantly, read them for maintenance and fixing.

·       Fewer language barriers. All of the code of the app’s components can be written in HTML, CSS and JavaScript, meaning that the chance of needing to invest in learning rarer languages is vanishingly low.

·       Convenience in unit-testing. Unit-testing is an integral part of quality assurance and having all of your elements presented in the form of components can simplify this ordeal a whole bunch, as it mostly only requires tinkering with the smallest parts of the app on their own.

5.    Solid toolset and surrounding ecosystem. Having been released in 2014, Vue has already gained quite a powerful toolset. One of the most impressive ones is, actually, Vue’s standard tooling – Vue CLI, which supports Babel and TypeScript, as well as providing said unit testing, end-to-end testing tools, and a plugin installation system. But that’s not all there is to Vue’s toolshed, as Vue now also has its own browser debugging tools, server renderer, and state manager in Vuex.

6.    Capable of integration and flexible. As it is becoming more and more standard, the ability to integrate into existing apps is easy with Vue, as it only relies on JavaScript and does not require any other tools to work. And, as we have already mentioned, you can write the templates as you please with Vue. There is nothing stopping you from using HTML, JavaScript or JSX.   What this actually means is that there is zero-project where you would be unable to use Vue.

7.    Steep learning curve and concise documentation. This advantage will be most visible for those developers that are just beginning their dive into web project creation. But, nonetheless, it is an important advantage, as Vue does not require any deep knowledge on libraries, JSX and TypeScript and its documentation is quite well-structured containing possible topics, precisely describing everything from installation to more in-depth things.

8.    Community. Simply put, it is huge and it is active. Stack Overflow tags, forums, chats and Discords – you name it – Vue has got it. But, even more importantly, the community is helpful, meaning you will never be alone with any problems you may have.

But this wouldn’t be much of pros and cons list if we’ve only mentioned pros, would it? So now let’s take a look on less pleasant sides of Vue starting with:

1.    Language barrier. But not the one you’ve thought of. The thing is that the adoption of Vue by such enterprises as Xiaomi and Alibaba shifted the general content and discussion discourse in a more oriental orientation. Thus, searching for Vue’s content can lead you to forum discussions, plugin descriptions and instructions put in the beautiful Chinese language, which not all of us are well-versed in.

2.    Vue’s reactivity is complex. Although Vue’s two-way data binding is an undoubtable advantage, it is not without its drawbacks. We mainly refer to the complexity of Vue’s reactivity process, which comes as the result of the app consisting of components and requiring a separate watcher for each component to render the data. And, in turn, constitutes the fact that Vue’s reactivity system only renders those chunks of data that were triggered and, unfortunately, this system is quite prone to mistakes, requiring the data to be flattened.

3.    Not fitting for large-scale. We have already mentioned that Vue is like Mary Poppins – practically perfect in every way when it comes to creating single-page apps and user interfaces. But when it comes to larger apps it is not all that fancy. Vue is much more of a sprinter, not a marathon runner, in order to be fitting for larger-scale projects the technology should be much more stable so that all the rousing issues can be solved quickly and swiftly. Unfortunately, as of yet, Vue is not at such a point in its evolution, thus it is more commonly used in the development of small projects.

4.    Scarce resources. Don’t worry, Vue’s ecosystem is wide enough when standing on its own. But it is still not as big as such behemoths as React and Angular. And the difference of available plugins between, for example, Vue and React is in the hundreds.

5.    Lack of experienced developers. Vue is at the beginning of its journey and is now gaining popularity. Thus, the number of really knowledgeable Vue devs is pretty small as of now. But this problem will surely resolve itself in a couple of years.

Summing up this part of the article, Vue is a powerful and versatile tool for single-page apps and user interfaces development. But it has its fair share of issues, as any other framework. The main difference here is that Vue, being an up-and-coming player, still has the potential to get rid of most of them in a short span of time and become even more Merry-Poppins-like.

Now, it is time for our main attraction – looking at the crème de la crème of Vue Templates!

Top Ten Vue Templates

Before we start it is ought to be said that this list is in no particular order. Look at it as a collection of beautifully made and visually stunning Vue templates that you should pay closer attention to.

1. Sing App

Demo

The first number on our list is Flatlogic’s own pride and glory – Sing App. Built with Vue JS 2.5.2 and Bootstrap 4, Sing App is an exceptionally well put together admin dashboard template for virtually any task imaginable. We can spend hours and hours talking about how great this Vue template is but it is much better to see it for yourself via the following link.

2. Exomac

Demo

Number two on our list is Exomac – a template that, if it were a person, would totally look like a very presentable gentleman in an exquisite suit screaming “Business” at the top of his lungs in the middle of the street, but still sound convincing and respectable. Exomac has just the right number of components, elements, design and functionality to create the perfect cocktail for any business or corporate website. And the icing on the cake is the fact that this template is extremely flexible to work with due to its lack of JQuery dependencies.

3. MaxCoach

The third entry to this list is an online course and education web projects template called MaxCoach. To personalize this template, imagine your favorite teacher ever and give him or her a stylish jacket and cool sunglasses, as MaxCoach is just as slick. But it is not just that: this template possesses a tremendously interactive interface for all of your project’s online courses, Google Font, swiper sliders, sticky sidebars, cross-browser support, SEO-friendly codebase, no console error and a plethora of other cool features.

4. Castro

Demo

Despite having a somewhat divisive name, the fourth Vue template on our list – Castro is an exceptionally built (pun intended) construction template. As a human, Castro would be a strong and confident pro-business building expert with a low tolerance for cigar smoke. But as a template, Castro is unique and fast-forwarding, as well as possessing tons and tons of treats to serve you well in the process of building an exceptional construction website.

5. Fantastic

More info

If Fantastic was a person, it would be a precise and straight-to-the-point promoter that is just as convincing as it is charming. Possessing an exceptionally well-crafted design, Fantastic is also multi-purpose, including features like Vue Platform, fast loading, clean code for you to tinker around with and 5 different home page variations. But wait, there is more, as Fantastic has 100% responsive design, more than 1000 icon fonts and cross-browser support. A sight to behold indeed.

6. Softbox

Demo

Softbox – Vue Software landing page template. A human version of Softbox would be a pleasant and knowledgeable developer, who is always there to help you and give helpful advice in his or her mastered field of expertise. As a Vue template, it is perfect for your software-oriented web projects as it is packed to the brim with such helpful features as responsive modular design, detailed documentation, proneness to customization and lots of others.

7. Brook

Demo

The seventh entree is Brook – a creative multipurpose Vue template that will be quite fitting for a number of different projects. If we were to imagine a human version of Brook it would be an artsy student, who has delved in lots of different arts and crafts and is successful in most of them. As a template, Brooks possesses many useful features, such as customizable home-pages, more than twenty-one blogs and portfolio layouts to Cross-Browser Compatibility. And that’s just the tip of the iceberg. But words do not do this wonderful template full justice, so we recommend exploring Brooks for yourself.

8. Skote

Demo

Let’s get to number eight on our list – Skote. This VueJS Admin & Dashboard Template can be summarized in two words: minimalism and efficiency. If Skote was a person, it would be a very stern and composed one. But its greatest power lies in its variability, as Skote allows for all sorts of customization, having such features as dark and light versions, RTL options, Firebase authentication, multiple layouts, 100% responsive layout, clean and well-commented code, W3C validated code and three different types of charts.

9. Light Blue Vue

Demo

The pre-last ninth spot on this list is occupied solely by none other than Flatlogic’s very own Light Blue Vue Admin Dashboard Template, empowered by magnifique Vue backend, which includes vuex, vue-router and vue-bootstrap, amongst other things. This is a rich dashboard with a dozen of beautifully made UI components; it will become your reliable starter dashboard for building any type of SaaS, CMS, or project management tools. Learn more in its complete documentation.

10. Mitech

Demo

And last but not least, as we remind you that this list is in no particular order, the tenth spot on our list goes to Mitech technology and blog oriented Vue template. A human Mitech would be a hip, tech-savvy youngster that knows what is good for him or her and knows how to get it. Its design is elegant but modern, its features are plentiful, including a dynamic blog, clean code, font awesome icons, cross-browser support, and, of course, clear documentation.

And that is our Top Ten Vue Templates. Bear in mind that there are lots and lots of other Vue templates that are also worthy of praise, but these ones are just the rarest of gems and you should definitely look at them first.

But what if after looking at all of these templates you are left with a desire to create your own CMS? In that case, you are in luck, as now we come to the part of the article, where we tell you all about creating one in under five minutes!

How to Easily Build CMS for Your Vue Project

“Creating anything worthwhile in under five minutes either requires gradual and methodical preparation, or pure luck mixed with great talent or is impossible” – you might think. And that would have been a perfectly valid argument if not for the existence of Flatlogic’s Full Stack Web Application Generator, which makes it not only possible but actually fun to do. Let us show you how you can seamlessly create a worthwhile CMS for your Vue-based project in just 5 simple steps and under 5 minutes.

Step #1. Choose a name for your project

This step will take less than 5 seconds, as all you have to do is choose a name for your project and fill it in the corresponding blank.

Step #2. Selecting your project’s Stack

Once again, a small, yet crucial step. Here, you choose the front end, backend and database for your project. As we are creating a Vue project, we’ve selected Vue for the front end, Node.js for the backend and PostgreSQL for the database. And that all with just three simple clicks and 10 seconds of time.

Step #3. Choosing your project’s CMS design

Although hours and hours of precious time can be spent on creating and perfecting the design of any project, Flatlogic’s Full Stack Web Application Generator provides you with an opportunity to skip this stage of development and simply choose from a number of ready-made designs for your CMS. For our example, we’ve decided to go with the Classic one, spending just about 15 seconds to look through the variants and choose.

Step #4. Creating Database Schema

This step is one of the most time consuming when done in a traditional manner. But with the help of Flatlogic’s Full Stack Web Application Generator, it is nice and easy, as you can simply pick the database schema that is the closest to your needs and tinker with it to make it completely suit your needs. The needs of our example required a book store option, which is one of the ready-made options. Thus, we’ve spent the entirety of one whole minute looking through the variants and choosing which one we need.

Step #5. Reviewing and generating your project’s new CMS

And thus, we’ve come to the final step of creation, where we review our choices to reassure ourselves that we’ve picked everything we wanted, after which we just press the “Create Project” button and wait for a bit to get and deploy our Vue project’s brand new and fully-functional CMS. And, after two short minutes, voila!

Thus, the whole process took around three and a half minutes and we have created our new CMS. And it is more than worthwhile, as you will see for yourself when you create one of your own. 

Conclusions

Vue has its fair share of setbacks, it has just as many if not more pros. So, if you haven’t tried it yet, you should definitely give it a chance. Even more so, as there are already a great number of attention-worthy templates on the market today. And if you’re still doubting between Vue and React, then tap here to learn which one is better in our ultimate guide, Vue vs. React.

And the sentiment stays doubly true due to the fact that you can create a stunning CMS for your new Vue project in less than five minutes with the help of Flatlogic’s Full Stack Web Application Generator. And that concludes today’s article. Have a nice day and, as always, feel free to read up on more of our articles!

Suggested Articles

Top Angular Admin Templates in 2021
Top 16+ Vue Open Source Projects
Vue.js Bundle Released by Flatlogic

The post Top Ten Vue Templates to Choose in 2021 | FrontEnd Matters! appeared first on Flatlogic Blog.

Saying goodbye to old websites

It’s probably hard to believe for certain people, but you do generally get attached to websites, something that you’ve created, and perhaps has paid you back a thousand fold, but some day, it no longer becomes relevant, and it’s time to say goodbye to it.

Some parting words for some of my websites that meant something to me ..

Webtropy.com

My very first domain, which I thought, at the time, was a cool mix between “Web” and “Entropy”. It made no sense to anyone else. But It was back in 2002, I was just out of University, and the £20 investment in a domain was a lot to me back then. It paid me back a hundred fold, once earning as much as $5,000 a month in advertisement (yes, it was spammy and ugly). But, it didn’t last long, and I guess about 2005 it slipped out of relevance, and was never revisited again.

FreebieSMS.co.uk

My first really successful business, I remember it used to bring in 10,000 people a day, peaking on new-years-eve. It used to make a steady £10K a month, with sources from all over the world. Mostly the UK, but I remember selling as far afield as Serbia. One day, a google update killed my SEO position across the board, and the business was over, I think around 2010. It never recovered, and the whole concept of communicating via SMS is only for 2FA and grandmothers who never got a smartphone.

But, it’s time to say goodbye, adieu, and so long and thanks for all the fish.

Using HTTP/2 from #AWS Lambda in .NET Core

If you need to make an outbound HTTP request using HTTP/2 instead of HTTP/1.1 then you will need to modify your HTTP request in C# to do so, since it is not the default. If you are working in a windows environment, then you may have used code such as the following to perform a HTTP/2 request;

public class Http2CustomHandler : WinHttpHandler
{ // PM> Install-Package System.Net.Http.WinHttpHandler – REQ .NET 4.6.2 +
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
{
request.Version = new Version(“2.0”);
return base.SendAsync(request, cancellationToken);
}
}

Which requires the System.Net.Http.WinHttpHandler NUGET package.

However, if you try to use this code in .NET core, and run it on a non-Windows platform, such as AWS Lambda, then you get an error such as;

System.PlatformNotSupportedException: WinHttpHandler is only supported on .NET Framework and .NET runtimes on Windows. It is not supported for Windows Store Applications (UWP) or Unix platforms.
at System.Net.Http.WinHttpHandler..ctor()

There is a workaround, in .NET Core 3 (Which is supported by AWS Lambda), where you can simply specify the HTTP Version in the HTTPRequest object

var initialRequest = new HttpRequestMessage(HttpMethod.Get, strUrl)
{
Version = new Version(2, 0)
};

var homepage = httpClient.SendAsync(initialRequest ).Result.Content.ReadAsStringAsync().Result;

Much simpler!

Implement certificate authentication in ASP.NET Core for an Azure B2C API connector

This article shows how an ASP.NET Core API can be setup to require certificates for authentication. The API is used to implement an Azure B2C API connector service. The API connector client uses a certificate to request profile data from the Azure App Service API implementation, which is validated using the certificate thumbprint.

Code: https://github.com/damienbod/AspNetCoreB2cExtraClaims

Blogs in this series

Add extra claims to an Azure B2C user flow using API connectors and ASP.NET Core

Setup Azure App Service

An Azure App Service was created which uses .NET and 64 bit configurations. The Azure App Service is configured to require incoming client certificates and will forward this to the application. By configuring this, any valid certificate will work. The certificate still needs to be validated inside the application. You need to check that the correct client certificate is being used.

Implement the API with certificate authentication for deployment

The AddAuthentication sets the default scheme to CertificateAuthentication. The AddCertificate method adds the required configuration to validate the client certificates used with each request. We use a self signed certificate for the authentication. If a valid certificate is used, the MyCertificateValidationService is used to validate that it is also the correct certificate.

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddControllers();
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();

builder.Services.AddSingleton<MyCertificateValidationService>();

builder.Services.AddAuthentication(CertificateAuthenticationDefaults.AuthenticationScheme)
.AddCertificate(options =>
{
// https://docs.microsoft.com/en-us/aspnet/core/security/authentication/certauth
options.AllowedCertificateTypes = CertificateTypes.SelfSigned;

options.Events = new CertificateAuthenticationEvents
{
OnCertificateValidated = context =>
{
var validationService = context.HttpContext.RequestServices.GetService<MyCertificateValidationService>();

if (validationService != null && validationService.ValidateCertificate(context.ClientCertificate))
{
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, context.ClientCertificate.Subject, ClaimValueTypes.String, context.Options.ClaimsIssuer),
new Claim(ClaimTypes.Name, context.ClientCertificate.Subject, ClaimValueTypes.String, context.Options.ClaimsIssuer)
};

context.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, context.Scheme.Name));
context.Success();
}
else
{
context.Fail(“invalid cert”);
}

return Task.CompletedTask;
}
};
});

builder.Host.UseSerilog((hostingContext, loggerConfiguration) => loggerConfiguration
.ReadFrom.Configuration(hostingContext.Configuration)
.Enrich.FromLogContext()
.MinimumLevel.Debug()
.WriteTo.Console()
.WriteTo.File(
//[email protected]”../certauth.txt”,
[email protected]”D:homeLogFilesApplication{Environment.UserDomainName}.txt”,
fileSizeLimitBytes: 1_000_000,
rollOnFileSizeLimit: true,
shared: true,
flushToDiskInterval: TimeSpan.FromSeconds(1)));

The middleware services are setup so that in development no authentication is used and the requests are validated using basic authentication. If the environment in not development, certificate authentication is used and all API calls require authorization.

var app = builder.Build();

if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}

app.UseHttpsRedirection();

if (!app.Environment.IsDevelopment())
{
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers().RequireAuthorization();
}
else
{
app.UseAuthorization();
app.MapControllers();
}

app.Run();

The MyCertificateValidationService validates the certificate. This checks if the certificate used has the correct thumbprint and is the same as the certificate used in the client application, in these case the Azure B2C API connector.

public class MyCertificateValidationService
{
private readonly ILogger<MyCertificateValidationService> _logger;

public MyCertificateValidationService(ILogger<MyCertificateValidationService> logger)
{
_logger = logger;
}

public bool ValidateCertificate(X509Certificate2 clientCertificate)
{
return CheckIfThumbprintIsValid(clientCertificate);
}

private bool CheckIfThumbprintIsValid(X509Certificate2 clientCertificate)
{
var listOfValidThumbprints = new List<string>
{
// add thumbprints of your allowed clients
“15D118271F9AE7855778A2E6A00A575341D3D904″
};

if (listOfValidThumbprints.Contains(clientCertificate.Thumbprint))
{
_logger.LogInformation($”Custom auth-success for certificate {clientCertificate.FriendlyName} {clientCertificate.Thumbprint}”);

return true;
}

_logger.LogWarning($”auth failed for certificate {clientCertificate.FriendlyName} {clientCertificate.Thumbprint}”);

return false;
}
}

Setup Azure B2C API connector with certification authentication

The Azure B2C API connector is setup to use a certificate. You can create the certificate anyway you want. I used the CertificateManager Nuget package to create a RSA 512 certificate with a 3072 key size. The thumbprint from this certificate needs to be validated in the ASP.NET Core API application.

The Azure B2C API connector is added to the Azure B2C user flow. The use flow requires all the custom claims to be defined and the values can be set in the API Connector service. See the first post in this blog group for details.

Creating an RSA 512 with a 3072 size key

You can create certificates using .NET Core using the CertificateManager Nuget package which provides some helper methods for creating the X509 certificates as required.

class Program
{
static CreateCertificates _cc;
static void Main(string[] args)
{
var builder = new ConfigurationBuilder()
.AddUserSecrets<Program>();
var configuration = builder.Build();

var sp = new ServiceCollection()
.AddCertificateManager()
.BuildServiceProvider();

_cc = sp.GetService<CreateCertificates>();

var rsaCert = CreateRsaCertificateSha512KeySize2048(“localhost”, 10);

string password = configuration[“certificateSecret”];
var iec = sp.GetService<ImportExportCertificate>();

var rsaCertPfxBytes = iec.ExportSelfSignedCertificatePfx(password, rsaCert);
File.WriteAllBytes(“cert_rsa512.pfx”, rsaCertPfxBytes);

Console.WriteLine(“created”);
}

public static X509Certificate2 CreateRsaCertificateSha512KeySize2048(string dnsName, int validityPeriodInYears)
{
var basicConstraints = new BasicConstraints
{
CertificateAuthority = false,
HasPathLengthConstraint = false,
PathLengthConstraint = 0,
Critical = false
};

var subjectAlternativeName = new SubjectAlternativeName
{
DnsName = new List<string>
{
dnsName,
}
};

var x509KeyUsageFlags = X509KeyUsageFlags.DigitalSignature;

// only if certification authentication is used
var enhancedKeyUsages = new OidCollection
{
OidLookup.ClientAuthentication,
// OidLookup.ServerAuthentication
// OidLookup.CodeSigning,
// OidLookup.SecureEmail,
// OidLookup.TimeStamping
};

var certificate = _cc.NewRsaSelfSignedCertificate(
new DistinguishedName { CommonName = dnsName },
basicConstraints,
new ValidityPeriod
{
ValidFrom = DateTimeOffset.UtcNow,
ValidTo = DateTimeOffset.UtcNow.AddYears(validityPeriodInYears)
},
subjectAlternativeName,
enhancedKeyUsages,
x509KeyUsageFlags,
new RsaConfiguration
{
KeySize = 3072,
HashAlgorithmName = HashAlgorithmName.SHA512
});

return certificate;
}
}

Running the applications

I setup two user flows for running and testing the applications. One is using ngrok and local development with basic authentication. The second is using certification authentication and the deployed Azure App service. I published the API to the App service and run the UI application. When the user signs in, the API connector is used to get the extra custom claims from the deployed API and is returned.

Links:

https://docs.microsoft.com/en-us/azure/active-directory-b2c/api-connectors-overview?pivots=b2c-user-flow

https://docs.microsoft.com/en-us/azure/active-directory-b2c/

https://github.com/Azure-Samples/active-directory-dotnet-external-identities-api-connector-azure-function-validate/

https://docs.microsoft.com/en-us/dotnet/standard/serialization/system-text-json-customize-properties?pivots=dotnet-6-0

https://github.com/AzureAD/microsoft-identity-web/wiki

Ways to Make an Ecommerce Store on Node.js in 2021 |Guide for Beginners

The Future of Ecommerce
Why Backup your Ecommerce Store with Node.js?
5 Arguments For Custom-Built eCommerce Solution 
Node.js Frameworks to Choose 
How to Choose a framework to build your eCommerce store?
MEAN vs MERN for eCommerce
Nodejs Drawbacks
Node.js eCommerce Admin Templates For Flawless Backend
Useful Tools to Use While Creating eCommerce Node.js Store
Wrapping Up

The upcoming trend of 2021 shows that eCommerce growth is inevitable due to COVID consequences, remote work, and a bunch of commonly known factors, that’s why offline sales will strengthen the market of digital solutions. The current situation has increased the demand for the development of high-speed platforms to gain customer loyalty and trust. The market leaders are trying their best to deliver an enjoyable and personalized eCommerce experience.

Customer shopping feedback is highly valued since it gives rise to updates and future improvements. That’s why eCommerce backends must be lightweight and effective in maintaining and delivering the data to the user side. To make your app simple and intuitive, there is no better way than to choose a dashboard template on NodeJS.

The Future of eCommerce

Despite a challenging year for retail in 2020, we’re witnessing worldwide retail eCommerce sales growth to a total of $4.280 trillion, which means almost 28% for the year, reported eMarketer. General eCommerce statistics show that more than 95% of all purchases will be conducted via the eCommerce market by 2040.

We can name, offhand, at least 17 world-leading companies that have chosen Node.js as one of their technologies for their business platforms: Paypal, IKEA, Shutterstock, Shopify, NASA, eBay, Medium, Citibank, Yahoo, Walmart, IBM, Stripe, AliExpress, Asana, BitBucket, Mercari, Uber, etc. So, why did all of them choose Node.js?

Why Back up your eCommerce App with Node.js

Node.js is an open-source framework utilized to manufacture quick, versatile server-side web applications. Node.js is best suited for developing data-intensive real-time apps that can run on numerous devices. Opinions on the eCommerce platform differ, “Magento is overpriced. Shopify is limited, though platforms like Node.js is available for a bunch of reasons:

a) First off, Lightweight With Node.js cross-platform development is easy and affordable, since all your developers need to know is Node.js

b) Secondly, Node.js offers incredibly high performance and smooth functioning compared to others. Higher Performance is an essential aspect of an eCommerce application.

c) Thirdly, you will get 100% feedback from the developers’ community because Node.js has become a premium choice for enterprise-level organizations.

There are not so many ready-made ecommerce solutions built on Node.js, that’s why dashboards templates with a range of components inside are most welcome for web developers. The reason for this is the presence on the market of open source PHP solutions like OpenCart or Prestashop, Magento, Drupal, or Joomla, which lets you manage your eCommerce store online from a single back-end. 

But the point is that eCommerce solutions are more used to development on PHP. Javascript became a relatively recent tool for building eCommerce stores, though it is a highly scalable, fast, and highly reliable technology. Statistically, almost 70% of world software developers prefer Javascript for programming.

For instance, with Node.js being a complex framework, you can build more multitasking websites in comparison to PHP thanks to better outcomes for lower costs. Whilst PHP and Node.js certainly differ in architecture, the PHP developer caste doesn’t feel the necessity to learn JS. PHP is still one of the most popular programming languages and is truly known for its lower barrier to entry for a newbie in web development
As a rapidly growing alternative to PHP-based eCommerce solutions, web developers can use Strapi. Strapi is known for its cybersecurity options and efficient API interface to serve your database of choice from your hosting and server of choice.

5 Reasons to Choose Tailored-for-You eCommerce Website

1. Fast loading (Node.js enhances the eCommerce website loading time)

If you have the ambition to build an eCommerce business like Amazon or eBay, then, I unhesitatingly recommend Node.js for development to create a scalable app. Node.js is an open-source JavaScript environment, extremely powerful, and popular among web developers. It is rightfully chosen for its high performance and fast time loading.

2. Prices and costs

Setting your site based on platforms like Shopify may be risky, due to the necessity of constant upgrades that only raise the cost of website development. Often, the effort to customize the well-known theme to your business needs significantly exceeds the cost of developing the same features in a custom dashboard. Learn to see in perspective:  the price of maintaining and modifying an off-the-shelf theme ends up costing you a fortune once you take into account all the emerging improvements and features.

3. Uniqueness

Surely everything depends on how deeply you want to develop your site. Being a tech-savvy developer, your hands are not tied to setting all your widgets and options according to your audience requirements. Though it’s possible to customize/re-code the Shopify panel, you are more limited in what you can do, and you have to ultimately host your site on the owner’s servers.  In contrast, a tailored-for-your site solution is super flexible and organically adapts to your growing business needs. So, your custom development is a superb investment in the future.

4. Time spent

Working with Shopify templates also requires a substantial time investment. For young businesses, it is not the best possible variant. Custom template focuses mainly on the latest trends of UX design, high performance, conversion, and optimization processes. While you are building a brand, you don’t need heavy solutions, all you need is the main function of intuitive usage and a great checkout experience (purchase option). Consequently, all of this will ultimately improve your ROI.

 5. Regular updates and flexibility

You would surely go for ease of managing and upgrading your code, wouldn’t you? Trends in web development are proceeding in space and in order to keep your site optimized and effective you have to get regular updates on the developing situation.

How to Choose a framework to build your eCommerce store?

Choosing an appropriate framework is a totally subjective thing because every developer takes into account his knowledge base, the range of features available to work with, and so on. Some relevant criteria to make a perfect solution for your store may include the level of dev experience, project size, mobile application necessity, performance and productivity aspects, maintenance, and timely updates.

Node.js frameworks to choose

Reaction Commerce is an API-first, modular commerce stack made for ambitious brands and retailers. If you stand for/ require fully individual solutions, then Reaction commerce is a scalable and fully flexible solution with its microservices architecture that allows easy integration with your already existing systems.

Swell (Schema.io) is a fully functional piece of eCommerce software provided by Schema targeted at small to enterprise-sized businesses. Schema.io is a Node.js

The MEAN&MERN Stack Architecture for eCommerce

MEAN is a full-stack technology (shortened for MongoDB, Express.js, Angular, and Node.js) as an alternative to building a lightweight application or eCommerce platform in the early business stages. It is a component-based solution using Typescript, and high web response time due to the code running on a Chrome-based JavaScript engine.

Express.js must be the most popular and the fastest framework with an API that permits users to configure different routes to send/receive requests between the front end and database. a wide range of features for the web as well as mobile application development. Check the list of the most popular Node.js frameworks to work within 2021 here.

MERN in its turn is a stack using trending React technology (MongoDB-Express.js-React-Node.js). The main difference between MEAN and MERN is in its framework’s productivity, while Angular offers better productivity, React.js is supposed to build faster apps.

There are numerous of them rated on GitHub, so you might have heard about Express.js, Meteor.js, Sails.js, Koa.js, LoopBack.js.

Nodejs Drawbacks

NodeJS tremendous popularity has not been without several problems. We’ve defined several basic moments that still should be noted:

1. Heavy computing tasks slow down unit performance; 

It happens due to Node.js, which sets all the CPUs to process a particular request first.

2. Unstable API

It may cause frequent changes of the access code in order to match with the newest Node.js API versions 

3. Node.js is based on a crude model of concurrency whereby threads must report back to a single event queue, i.e an errant thread can even block Node.js

4. Lack of experienced Node.js developers

Although the market of developers is soaring, finding a reliable Node.js programmer is a hard nut to crack; Btw, Javascript+Node.js with Angular2 and Redux round out the top 5 of the most popular tech stacks in 2021.

Node.js eCommerce Dashboards For Flawless Backend

1. Sofia React Nodejs

Sofia React Template – is a fresh and modern React template based on widely popular Bootstrap, Material-UI, and Node.js backend carefully crafted by the team of Flatlogic. Sofia React Nodejs is a good jumpstart for e-commerce admin dashboards, any type of CRM platform or SaaS applications. It is highly simple to use and has lots of well-organized UI components, tags, categories, and clear documentation.

Demo
Price

2. eCommerce React template

eCommerce React template offers a wide product catalogue to find the products quickly and easily. It is a sleek template for an eCommerce project, that includes filterable products, unlimited style options, custom links and icons for social media, all the essential pages like Wishlist, 404, FAQ, About us, Contact us, and the ability to display product variations.

Demo
Price

3. Light Blue React Node.js Admin Template

Light Blue React is the world’s first transparent dashboard template built with a Node.js backend and Bootstrap 4 and React frontend. It is SEO optimized through Server Side Rendering and to further speed up your development. Light Blue React admin template can be used to create analytics dashboards, eCommerce apps, CMS, SAAS web apps, CRM, etc.

Demo
Price

4. React Material UI Admin Node.js

Flatlogic company created one more example of an admin template with a Material-UI framework, called React.js Material UI Admin Node.js. What is more, we integrated it with Node.js and Postgres database. It is a lightweight, fully documented solution that would work best for any eCommerce project. Updates are supported.

Demo
Price

5. Sing App Vue Node.js

Sing App Vue Node.js dashboard is a multi-purpose admin template built with Node.js backend and Postgres database. It is a top-notch dashboard for building SAAS, CMS, and all kinds of eCommerce platforms. Inside you will find Lean and powerful, and highly intuitive in use.

Demo
Price

6. Lexa

One more fresh dashboard solution called Lexa. It’s a nicely drawn admin dashboard with a clean design, built with JQuery, Bootstrap 4, HTML5, CSS3. Inside you get 6+ charts libraries, summer note editor, Google maps, invoicing, dropzone file upload, error pages included. The template fits completely to any type of CMS, CRM, or custom admin panels, an analytics dashboard, and an e-commerce site backend.

Demo
Price

7. CMS Cosmic

It is also a good solution for building an eCommerce store just from scratch. The most evident pluses of the Cosmic JS platform are SEO adaptivity, intuitiveness and perfect responsiveness. Moreover, the Cosmic template includes a contact form and a full-site search. Cosmic is an extensible e-commerce CMS for managing content on various apps and websites.

Price

Useful Tools For Creating eCommerce Store on Node.js

Here is a shortlist of popular services to aid you when building a nodejs e-commerce store.

GraphQL

GraphiQL is an open-source language for API that lets you send the correct query data from your API without leaving your editor. Such platforms like Pinterest, Facebook, Coursera, Shopify favors (go for/ stick with) GraphQL. It works well with a range of general-purpose programming languages like C#, C++, Clojure, Java, JavaScript, Haskell, Perl, Python, PHP, Ruby, Scala, Go, Rust, etc.

GitHub

Vue Express Mongo Boilerplate

Use Vue Express Mongo Boilerplate rich functionality while creating a starter repository. Vue Express Mongo Boilerplate is a full-stack JS web app boilerplate with Node.js, Vue.js, Express and Mongo.

GitHub

Node API Boilerplate

Node API Boilerplate is a tool for developing an es6/typescript API endpoint as a standalone (micro)service, backing up web front-ends and/or mobile apps.

Node Express Boilerplate

Node-express-boilerplate gives the developer a clean slate to start with while bundling enough useful features so as to remove all those redundant tasks that can derail a project before it even really gets started.

GitHub

Serverless Node.js Starter

A set of features and tools compiled in Serverless starter kit may be a good help for a developer. Integrate serverless-webpack plugin with ES7 syntax.

GitHub

Express4 Bootstrap Starter

A commonly known package for Bootstrap, Express4, is simple in use and helps you respond to requests with route support so that you may write responses to specific URLs. Plus, Express4 Bootstrap Starter supports multiple templating engines to simplify generating HTML.

GitHub

Node REM

It is a lightweight boilerplate, production-ready backend setup. with clear and sharp syntax. Node REM requires NodeJS v8.12.0 and Mongo databases for installation.

GitHub

Wrapping Up

If you need to build a massive project with a team of top-notch professionals, then opt for full-stack solutions. If you have long-term development, it’s better to stick with lightweight and flexible instruments. But, again, choosing the handiest variant is quite a subjective issue to raise. So, if you have real doubts while coding, please, you may contact experienced devs for a consultancy. For instance, Flatlogic has broad expertise in custom development and scale solutions for businesses.

Suggested Articles

14+ Best Node js Open Source Projects
14 Great Admin Panel Themes for Ecommerce
22+ React Developer Tools to Increase Your Programming Productivity [Updated 2021]

The post Ways to Make an Ecommerce Store on Node.js in 2021 |Guide for Beginners appeared first on Flatlogic Blog.

Infer# v1.2: Interprocedural Memory Safety Analysis For C#

Last December, we announced the public preview release of Infer#, which brings the interprocedural static analysis of Infer to the .NET community. The project was open sourced on GitHub under an MIT license.

New Feature Highlights

Infer# 1.2 brings race condition detection, improves performance, provides more ways to use, and expands analysis coverage. The full list of improvements can be found on the release page.

Support for Infer# On Windows via WSL2 (Windows Subsystem for Linux)

As the first step in our initiative to provide Windows support for Infer#, you can now run the analysis in WSL2.

Azure Pipelines Integration

We now support Infer# as an Azure Pipelines plugin.

Race Condition

Infer# now supports race condition detection via Infer’s RacerD analyzer.

public class RaceCondition
{
private readonly object _object = new object();

public void TestMethod()
{
int FirstLocal;
FirstLocal = TestClass.StaticIntegerField;
}

public void FieldWrite()
{
lock (_object)
{
{
TestClass.StaticIntegerField = 1;
}
}
}
}
Assets/RaceCondition.cs:12: warning: Thread Safety Violation
Read/Write race. Non-private method `RaceCondition.TestMethod()` reads without synchronization from `Assets.TestClass.Cilsil.Test.Assets.TestClass.StaticIntegerField`. Potentially races with write in method `RaceCondition.FieldWrite()`.
Reporting because another access to the same memory occurs on a background thread, although this access may not.

Exception Code Coverage

Infer# now reports warnings on methods with exception-handling constructs (for example, try-catch-finally, and lock).

public void ResourceLeakExcepHandlingBad() {
StreamWriter stream = AllocateStreamWriter();
try
{
stream.WriteLine(12);
}
catch
{
console.log(“Fail to write”);
}
finally
{
// FIXME: should close the stream by calling stream.Close().
}
}
/…/Examples/Program.cs:39: error: Dotnet Resource Leak
Leaked { %0 -> 1 } resource(s) at type(s) System.IO.StreamWriter.

Using Infer#

You can find the instructions for all supported scenarios on our GitHub landing page.

Please submit your feedback and feature requests to our GitHub repository. We’re looking at all feature requests from the community and will prioritize next steps based on popularity.

The post Infer# v1.2: Interprocedural Memory Safety Analysis For C# appeared first on .NET Blog.

342: Workers

Chris and Shaw talk about how CodePen uses Cloudflare Works with the KV storage to power several things on CodePen. We do some cool stuff with them, like serve landing pages with the content provided by WordPress yet served on an entirely different Ruby on Rails powered site. We also serve up assets through them which provides lots of nice features both for us and for users indirectly and directly, like resizing and optimization.

Sponsor: Jetpack

Thanks to Jetpack for sponsoring CodePen Radio! Jetpack is a plugin, or perhaps now more like a suite of plugins, that help out your self-hosted WordPress site. Say you have a lot of WordPress sites under your purview and they all have different needs (super normal!). Jetpack has a new billing dashboard that helps manage at all in a sane way. Say you’ve got two sites that just need daily backup only, all good. Another that uses Jetpack Complete. Another where you use VideoPress and realtime backup, totally covered. You might have dozens or hundreds of sites if you manage client sites, and now this brings it all together in a manageable way.

The post 342: Workers appeared first on CodePen Blog.

Add TouchID authentication to sudo

Now that I have a TouchID enabled Mac, I want to be able use TouchID for sudo access.

There’s a pam module available, so it just needs enabling:

Edit /etc/pam.d/sudo

Add a new line under line 1 (which is a comment) containing:
auth sufficient pam_tid.so

(Leave all other lines in this file.)

That’s it. Now, whenever you use sudo, you have the option of using TouchID to authenticate.

Scripting it

It turns out that whenever there’s an OS update, /etc/pam.d/sudo is reset, so you need to re-add the line. Hence, I wrote a script called /usr/local/bin/enable-touch-id:

#!/usr/bin/env bash

set -e

case `grep -F “pam_tid” /etc/pam.d/sudo >/dev/null; echo $?` in
0)
echo “TouchID unlock already in place”
exit 0
;;
1)
sudo sed -i ” ‘1a
auth sufficient pam_tid.so
‘ /etc/pam.d/sudo

echo “TouchID unlock enabled”
;;
*)
echo “Error trying to read /etc/pam.d/sudo”
;;
esac

Don’t forget to enable execute permissions with chmod a+x /usr/local/bin/enable-touch-id and then you can simply run it after every OS update.

License Plate #API available in #Canada with VehicleRegistrationAPI.ca

Canada has a population of 38 million, with a car ownership ratio of 87%, meaning an estimated 33 million cars drive on Canada’s streets, and we’ve just launched an API that will allow business users determine the Make, Model, VIN , Fuel, Transmission, and other technical details from the license plate of the vehicle.

This API can be used for many different scenarios such as;

Auto Insurance: Faster and externally verified customer onboarding. Less customer-drop off while entering their vehicle data. Customers are more likely to know their own license plate, than their own VIN number. Plus you can be sure that the customer is not entering misleading information about their vehicle.

Car parts: Less mis-ordered parts, and added confidence in the order process for consumers. Customers can get their vehicle details incorrect, or ask you to order parts that are not suitable for their vehicle. Instead of wasting time and money returning incorrect parts to suppliers, using a vehicle license plate lookup can help ensure you are buying the correct parts, first time round. It also helps boost consumer confidence in the order process, they know they are buying a part specifically for THEIR car, not just a part that hopefully will fit!

Second hand car sales: Make it easy for sellers to quickly add their vehicle to your sales portal. If you are tracking more visitors to your “sell your car” page, than actually list a car for sale, then you have a customer drop off. A few percentage points is always unavoidable, but if you’re loosing 10%, 20%, 50% of potential sellers because you are not capturing information from them in an engaging way?, use this API to engage with sellers, and be the first to list their vehicle for sale and earn your commission.

Go to https://www.vehicleregistrationapi.ca/ to read more.

Car registration plates in Canada use the /CheckCanada  endpoint and return the following information:

Make / Model
VIN Number
Body / Trim
Transmission 
Fuel

Both a License plate and a State are required, where the state is a two letter code as follows;

Alberta
AB

British Columbia
BC

Manitoba
MB

New Brunswick
NB

Newfoundland and Labrador
NL

Nova Scotia
NS

Northwest Territories
NT

Nunavut
NU

Ontario
ON

Prince Edward Island
PE

Quebec
QC

Saskatchewan
SK

Yukon
YT

Sample Registration Number: 

CKST441 (ON)

Sample Json:

{

  “Description”: “Toyota C-HR”,

  “RegistrationYear”: “2020”,

  “CarMake”: {

    “CurrentTextValue”: “Toyota”

  },

  “CarModel”: {

    “CurrentTextValue”: “C-HR”

  },

  “MakeDescription”: {

    “CurrentTextValue”: “Toyota”

  },

  “ModelDescription”: {

    “CurrentTextValue”: “C-HR”

  },

  “ImageUrl”: “http://vehicleregistrationapi.ca/image.aspx/@VG95b3RhIEMtSFI=&#8221;,

  “Body”: “Sport Utility”,

  “Transmission”: “Automatic CVT”,

  “Drive”: “FWD”,

  “Trim”: “”,

  “VIN”: “JTNKHMBX8L1063053”,

  “Engine”: “2.0L L4 DOHC 16V”,

  “Fuel”: “Gasoline”

}