Forem: raddevus

Meme Monday

raddevus — Mon, 02 Mar 2026 18:31:16 +0000

Meme Monday

I can't wait all day for this site to start the Meme Monday post, so here it is.

Longest amount of time on any project?

raddevus — Mon, 20 Oct 2025 20:50:36 +0000

(from https://x.com/aarondotdev/status/1978478524916015513)

More Details From Wikipedia

Makes Me Question Myself As A Dev

"Hmm...I don't know if I've ever actually really focused entirely on project for 2 years (2080 hours x 2) on one project.
I've put a lot of hours into my C'YaPass (FOSS Password manager - source at GitHub.) program but realistically it isn't 4160 hours.

I have a couple of work projects that I've worked on for that many hours over 10 years probably. But again, I don't think I've ever focused on one project for 2 years straight.

How about you?

Have you worked on any Work Projects with that kind of focus?
Have you worked on any Personal Projects with that kind of focus?

I thinking of "intense focus" (2 years straight) especially, but please share any experiences you've had.

Why No New (Quality) Android Programming Books?

raddevus — Mon, 23 Sep 2024 18:22:23 +0000

Why haven't there any new books since the great Android Programming Big Nerd Ranch 5th ed., 2022?

There have been a lot of changes in the Development Process and in Android Studio over that period of time, but no quality books published on the new changes.

I'm going to try out Programming Android With Kotlin (Jan. 2022) but I haven't seen any other good ones since those two.

Have you read any great Android Programming books? Please share in the comments.

10 Reasons You Should Never Hire a Dev Who Writes a List Article On Dev.To

raddevus — Fri, 09 Aug 2024 13:19:57 +0000

10 - Lowest common denominator.

The list article is the easiest of all articles to write and requires the least amount of creativity. Is that the type of Software Dev you want to work with? One who takes the easy way out.

9 - Attention Getter

The list article is only written to gain attention. A writer who writes a list article is likely vainglorious and attention-seeking with no substance behind them. Is this the kind of employee you want working for our company?

One who just wants to get attention: be ready to experience tons of drama if you hire the list article writer.

8 - Lack of Creativity

The fact that the dev has chosen to write a list article is proof that they have very little creativity and cannot think of an interesting article that focuses on a specific topic. Do you want to work with non-creative employee?

7 - Boring

Imagine listening to a person who just rambles off a list of facts. It's so boring. Do you want to work with boring people? If you're answer is no, then don't hire a person who writes a list article on Dev.to

6 - Doesn't Really Know the Topic

If the person has written a list article, it is because they don't really know how the topic. Instead, they've just jammed some interesting pieces together in an attempt to create content and post an article.

However, when the person begins to write code, look out. The important thing about code is not if you know a bunch of interesting facts, but if you know how to put things together to create a solution.

5 - Unlikely Able To Write Complete Solutions

It is unlikely that the person who is writing a list article has the ability and focus to complete an entire app. Keep in mind that coding (creating software solutions) is not just about writing code. To create a complete app you will have to do many thing such as:

use version control system (git)
translate user stories into the solution
communicate with other devs
communicate with project manager
write unit tests
deploy your code And much more. The person who writes a list article shows only that she can understand small snippets of code in isolation from everything else. That's not very helpful.

4 - Doesn't Have the Stamina

Writing a list article shows that the dev doesn't have the stamina to do everything it takes to write a complete solution. Instead, they just want to drop some fast facts and run. That's not how coding happens at any real company which is trying to produce software solutions.

3 - Probably Written By AI

The list article is probably written by AI anyways. Most likely if you're reading a list article, it was written by AI, so when you hire the dev who "wrote" the list article they won't understand the content of their article anyways. Don't be fooled, don't hire a list article writer.

2 - Boring, Non-Creative, Drama-Seeker

If you hire a list article writer, you are going to get the trifecta of bad employees:
Boring Non-Creative Drama-Seeker who just wants to stir up drama about which syntax to use but who cannot create great software solutions that people want to use.

1 - Know-It-All

The person who writes the list article will probably be jabbering on about how you "should've used this latest feature of the language" or "oh, you could've used JavaScript Map here...".
Meanwhile you are writing the code that creates the over all solution and rolling your eyes at the list article author's comments.

I'm sure you'll agree that the list article is the worst of all article types and any dev who writes a list article should be avoided.

List Article Upvoter

However, if you are wary of hiring the list article writer, you should be doubly-wary of hiring the List ARticle Upvoter.
If you see a dev who upvotes a list article and says the article is great, it is obvious that they are someone who knows even less than the list article writer.

That's an amazing amount of un-knowledge.

These list article upvoters don't even know as much as the list article writers. Beware! You don't want these people on your dev project.

Conclusion

The list article is over & should never be written again. Do not trust list article writers or list article upvoters.

50 + 50 Basic Linux Commands (100 Total)

raddevus — Fri, 12 Jul 2024 15:41:52 +0000

ls - List directory contents.
cd - Change the current directory.
pwd - Print the current working directory.
mkdir - Create a new directory.
rmdir - Remove an empty directory.
rm - Remove files or directories.
cp - Copy files or directories.
mv - Move or rename files or directories.
touch - Create an empty file or update the timestamp of an existing file.
cat - Concatenate and display file content.
more - View file content one screen at a time.
less - View file content with backward movement.
head - Display the first few lines of a file.
tail - Display the last few lines of a file.
echo - Display a line of text.
man - Display the manual for a command.
info - Display command information.
which - Locate a command.
whereis - Locate the binary, source, and manual page files for a command.
find - Search for files in a directory hierarchy.
grep - Search text using patterns.
sed - Stream editor for filtering and transforming text.
awk - Pattern scanning and processing language.
sort - Sort lines of text files.
uniq - Report or omit repeated lines.
diff - Compare files line by line.
cmp - Compare two files byte by byte.
comm - Compare two sorted files line by line.
wc - Print newline, word, and byte counts for each file.
cut - Remove sections from each line of files.
paste - Merge lines of files.
tr - Translate or delete characters.
split - Split a file into pieces.
join - Join lines of two files on a common field.
tee - Read from standard input and write to standard output and files.
xargs - Build and execute command lines from standard input.
chmod - Change file modes or Access Control Lists.
chown - Change file owner and group.
chgrp - Change group ownership.
ln - Create hard and symbolic links.
df - Report file system disk space usage.
du - Estimate file space usage.
mount - Mount a file system.
umount - Unmount file systems.
fsck - File system consistency check and repair.
mkfs - Build a Linux file system.
mkswap - Set up a Linux swap area.
swapon - Enable devices and files for paging and swapping.
swapoff - Disable devices and files for paging and swapping.
free - Display amount of free and used memory in the system.
top - Display Linux tasks.
htop - Interactive process viewer.
ps - Report a snapshot of current processes.
kill - Send a signal to a process.
pkill - Send a signal to processes based on name and other attributes.
killall - Kill processes by name.
bg - Resume a suspended job in the background.
fg - Bring a job to the foreground.
jobs - List active jobs.
nohup - Run a command immune to hangups.
screen - Terminal multiplexer.
tmux - Terminal multiplexer.
ssh - OpenSSH SSH client (remote login program).
scp - Secure copy (remote file copy program).
rsync - Remote file and directory synchronization.
wget - Non-interactive network downloader.
curl - Transfer data from or to a server.
ping - Send ICMP ECHO_REQUEST to network hosts.
traceroute - Print the route packets take to the network host.
netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.
ss - Another utility to investigate sockets.
ip - Show/manipulate routing, devices, policy routing, and tunnels.
ifconfig - Configure a network interface.
iwconfig - Configure wireless network interfaces.
nmcli - Command-line client for NetworkManager.
systemctl - Examine and control the systemd system and service manager.
service - Run a System V init script.
init - System V-style initialization.
shutdown - Halt, power-off, or reboot the machine.
reboot - Reboot the system.
halt - Halt the system.
poweroff - Power off the system.
crontab - Schedule periodic background jobs.
at - Schedule commands to run at a particular time.
uptime - Tell how long the system has been running.
dmesg - Print or control the kernel ring buffer.
uname - Print system information.
lsb_release - Print distribution-specific information.
hostname - Show or set the system’s host name.
date - Display or set the system date and time.
cal - Display a calendar.
bc - An arbitrary precision calculator language.
dc - An arbitrary precision calculator.
dd - Convert and copy a file.
tar - Archive files.
gzip - Compress files.
gunzip - Decompress files.
bzip2 - Compress files.
bunzip2 - Decompress files.
zip - Package and compress files.

I hope you find this list helpful! If you have any questions or need further details about any of these commands, feel free to ask.

Yes, this was written with the following prompt to Copilot
"Please write an article that consistents solely of 100 linux commands and what they do"

#SysAdmin #DeveloperTips #LinuxTips #DevOps #CodingLife #CommandLine #LinuxTutorial #aws #linux #bash #devops

Cover image from : https://pixabay.com/illustrations/teacher-profession-education-5322852/

Your boss no longer accepts this idle excuse...

raddevus — Wed, 10 Jul 2024 13:15:37 +0000

Just a few short months ago, it was wasy to go to your boss and say, "StackOverflow is down so I can't move forward with my project." 🙄

But, she will no longer accept that answer.

Here's why:

The Dev game has changed to a whole new level.

10 Billion Passwords Cracked: Do You Even Understand Password Cracking? Do You, Really?

raddevus — Tue, 09 Jul 2024 20:13:35 +0000

Introduction

If you understood how passwords were cracked, you'd never use a natural-language word in your password again. And, that alone could make you entirely safe. Yes, I'll explain how that could make you safe further along in this article.

I'm taking a bit of an alternate view so we can think differently about what password cracks actually mean, and if passwords are just entirely unusable or not.

Background

All of the Security Geniuses tell you that passwords are a failed technology because so many passwords are cracked. But, why don't they ever clearly explain how passwords are cracked?

There seems to be a Movement that is trying to get rid of passwords that you own.

The Bombastic News

One of the problems is that the news covers low-brow technical issues in a bombastic way ("High-sounding but with little meaning".

Check out this article from today on LinkedIn.

Nearly 10 billion passwords leaked | LinkedIn

10 Billion passwords!? What?

Let's Rip That Article Apart Now, Shall We?

The article states:

"...almost 10 billion unique passwords have been posted to a hacking forum"

That leads you to believe that 10 Billion plaintext passwords ripe for the using have been posted.

However, that cannot be true. Because if it were, then what would the other sentences in the article mean? Especially the last one:

It could enable "brute-force attacks," which use trial and error to rapidly test a large number of passwords and gain access to systems that aren't protected.

Why would attackers need to do "brute-force attacks which use trial and error" when they have the passwords in the clear? Well, that's because they don't.

It is Alarmist reporting. I followed the links to the source article (on qz.com) and that article is even shorter and doesn't explain it at all. So, they did not post 10 Billion plaintext passwords at all.

But you already knew that Journalists do no work at all. They just make up sentences, then other "news" sites pick up the information and repeat it and it provides it with gravitas so the truth is no longer necessary. As long as you have shocking headlines, you win.

The Thing They Never Explain

Often the news reports these kinds of numbers and they report bad passwords, right?

It is obvious that many of those accounts and passwords are just for fake accounts or "pass-by" accounts where users have created a quick account to discover more information about a company or get a free item or whatever.

The Point: Fake Accounts With Bad Passwords

So, even though there are really bad passwords like (password1, abc123) what they don't explain to the reader is that there are millions of accounts created by pass-by users and others created by hackers and those users don't care about the password at all.

Yes, Normal People Create Bad Passwords

Yes, I know, normal people create terrible passwords. However, there is a simple thing they can do to make their passwords safe: Never use a natural-language word in the password.

The Solution

Instead, create a completely random set of characters as your password.

The Problem

Normal users would have no way to remember a set of random characters.

Obviously, that can be solved by forcing the user to use a Password Manager which generates random passwords.

The Weird Solution: Hamster Method

Here's a way to make a normal user's accounts almost entirely safe. Please chime in and comment below to argue why this might not be true.

Here are the steps:

Create one random password for the user's main email account by having a hamster run across the keyboard.
I just dropped my hamster on my keyboard and got : adgy788t6ops;ldfkyudt621@DCG32#@&
Use this one for her master password on her email account. That way her main email account is protected with a random strong password.
Write this down and keep in a sealed lock box -- at some point the user will have it memorized
After that, every time the user creates a new account she should drop the hamster on the keyboard again and generate a password, but for these accounts they do not need to be written down anywhere? What?
Each time the user goes to sign into any of the other accounts she will always simply say, "oh, I don't know my password, please reset the account" sent to her main email account.
She will retrieve the reset from the main email account and login
Now there is only one Main password to remember / use and the other ones will all just be reset every time. Isn't this GENIUS?!

My point is: If No One Knows Your Password (including you), It's Secure

My Real Point Is : Random!

My real point is that passwords must be random so they cannot be guessed.

But, to better state that point, I'd like to say this:

Passwords ust not include any pattern that someone can detect as a pattern.

That's true random.

How Crackers Crack Passwords

People seem to forget how crackers actually crack the passwords.

Ignore PlainText Storage

Let's ignore the companies which are storing your password in plaintext, ok? Do they still exist? I hope not. If they do then you are toast. No getting around that. Crackers going to crack and they going to get a password trove that is in plaintext.

Generate All The Hashes & Compare

The real way that crackers get passwords is:

Write an algorithm which hashes suspected passwords and password phrases to generate a huge database of hashes
Compare those hashes to what they find in the trove they exfilitrate from a company.
That's it!

Think About The Size of SHA256 Hash

So, 256-bit value is the value of 2^256.

The max value is :

115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,935

Let's refer to that number as HUGE-NUMBER.

Reach In Bag, Pull One Random Item Out

Think about this experiment.

Reach into a bag (without looking) which contains HUGE-NUMBER of items and randomly pull one item out.
Throw the item back into the bag with the rest of HUGE-NUMBER items.
Reach in a second time (without looking) and attempt to randomly pull the same one out again. Theoretically impossible!

Why does this matter?

This matters because any unique input will produce a new and unique output. At this point there are no collisions known in the SHA256 algorithm.

Why does any of this matter?

It matters, because we are going to use a SHA256 hash as our password.

Why? Because the SHA256 value is random. It's the equivalent of having a hamster run over your keyboard and create a password.

But How Are SHA256 Hashes Generated?

Well, we don't have to know how the dark details of the SHA256 algorithm work exactly, but we do need to know how to generate one.

We can use libraries which contain the SHA256 algorithm to generate SHA256 hashes.

Microsoft provides such a library and you can get to it via PowerShell

PowerShell Script to Create SHA256 From Any Text

param (
  [string]$target = $(Read-Host)
)
$stringAsStream = [System.IO.MemoryStream]::new()
$writer = [System.IO.StreamWriter]::new($stringAsStream)
$writer.write($target)
$writer.Flush()
$stringAsStream.Position = 0
$outHash = Get-FileHash -InputStream $stringAsStream | Select-Object Hash
$outHash.hash.ToLower()

First we read in a string value provided by the user ($target) at the command line.
Next, we set up a StringStream and set the value to the user-supplied string ($target)
Next, we call Get-FileHash (generates SHA256) and pass the user-supplied string to it
Finally, we lowercase the hash just for consistency.

Here are some words that I've hashed for you. I ran this on my Ubuntu 22.04.4 system.

64 Characters Long

The hashes are 64 characters long, because each of the 32 bytes (256 bits / 8 bits = number of bytes = 32) are represented by a 2 char Hexadecimal value.

Get the source (at the top this article) and you can try it too.

Here's a list of random words and their SHA256 hashes.

My Suggestion Is One I Use

My suggestion is that instead of making up a password again, you instead generate a SHA256 hash and use that as your password.

Couldn't A Cracker Generate The Same Hash?

But, wait, can't someone just use the same words I used to generate a SHA256 hash and then compare their hash to mine and then know what my password is?

Well, not really. Here's why.

Make Your Hash Salty

First of all you'd need to use two pieces of data in your hash so you could create very random hashes.

In order to make it more difficult (or theoretically impossible) for someone to get our original value, we need to add a 2nd value to our initial input. This 2nd value is called a salt.

Salt: Additional Word Or Phrase

For example we could create an additional word or phrase that we would append to every input that we will hash.

Here's all of the previous words with their associated hashes after adding the same salt to each one.

See how different the hashes are now? They're not guessable by any means. If they were then SHA256 hash algorithm would be cracked.

Keep That Salt Secret

But, you have to keep that salt secret. If it gets out then the cracker can generate all the words in the dictionary and hash them and then brute-force compare them all to the trove of SHA256 hashes that are in the 10 Billion password vault.

What You Really Need Is A Program To Do This For You

I just so happen to have written such a program and it is FOSS (Fully Open Source Software) and it is FREE forever.

That means:

You can try it for FREE
You can use it for FREE
You can examine and alter the software all you want...for FREE
Try It For Free
You can try it, right now in your browser if you want.

Just go to C'YaPass : Never type a password again and you'll see something like the following:

SiteKeys: Add Your Own

Of course, you won't have any siteKeys, but you can add them.

There are two parts to generating your password.

The SiteKey - unique string you make up to remember which site you'll use this pwd on.
A pattern you draw which generates a value - this is the salt to randomize the SHA256 hash

Finally, the value in at the lower right of the screen is a 64 character password (SHA256 hash) you can use on the site.

Your Passwords Aren't Stored Anywhere, They're Generated Every Time

This is cutting edge technology because your passwords are never stored anywhere.

To generate your password, you have to:

Select your SiteKey
Draw your pattern

You Only Need One Pattern

Because the pattern is the salt, each time you change your sitekey (select a different one on the left side) you will get a new password for the associated site. So you don't have to change the pattern for every sitekey.

Your Passwords Will Not Be Based On Natural-Language Words

This means your passwords will be random numbers and characters. They will not be in cracker's rainbow tables as targets to match.

Sites Will Hash Your Hash

When you use these hashes as your password, the sites you log into will then hash it to save it on their site which is interesting too.

But, I've added another layer of protection.

Multi-Hash: Hash Your Hash Numerous Times

Take a look at the updated C'YaPass and you'll see I've added the ability for you to hash the initial value X number of times (selectable by you). See the red highlighted section. If you change that value, then all of your hashes will be hashed X (10 in the example) extra times.

Conclusion

If you wanted really strong passwords, you would never use natural-language words in your passwords. EVER!
It seems that Password Problems are being reported on improperly to gain attention and to scare people for some reason. Passwords are fine and you own them yourself. But, they should never include words from natural-language. NEVER!
The reported password breach of 10 Billion passwords is obviously reported improperly. Those are not plaintext passwords but instead are (most likely) hashes of passwords which, if they include natural-language words the crackers may be able to use after brute-forcing their algorithm to generate SHA256 hash matches. That's the real password cracking technology today: hash matching.

Hash Matching

Since hash matching is the real way crackers are cracking passwords then it means you understand better what crackers are doing. Since you understand it better, you undersand you NEVER want to have natural-language words in your passwords.

To protect yourself, use a password generator which generates random passwords.

If you liked this article, check out my github sources for C'YaPass:

Web based solution - (also seen at https://cyapass.com/)
ElectronJS (cross-platform solution) - runs on macOs, Windows, Linux

And don't believe everything you read about passwords. 🤓

.NET Core WebAPI (Auto)Binding Parameters When Calling Via JavaScript Fetch

raddevus — Fri, 14 Jun 2024 15:27:13 +0000

Get the Source Code For This Article

All of the source code for this article is located at my github repo. It's all C# .NET Core 8.x and JavaScript code.

Introduction

This is a fast article with multiple examples of how to leverage the user of .NET Core WebAPI Auto-Binding feature. I know this is often called Model Binding, but my examples cover the case where you are just passing in one parameter value to a WebAPI method.

I also wrote this up at my blog in a slightly less refined article so you can check there for more details & to post comments if you like: JavaScript Fetch With .NET Core WebAPI: Fetch Method Examples For Auto Binding – Build In Public Developer

How This Article Will Work

I will provide two things for every example so you can see exactly how the Auto-Binding feature works in .NET Core WebAPI.

WebAPI method definitions (sample code via minimal API)

JavaScript Fetch examples you can use to POST to the WebAPI & see the result WebAPI Parameter Attributes
.NET Core WebAPI methods allow you to mark parameters with a numnber of different attributes:

[FromQuery]
[FromForm]
[FromBody]
[FromHeader]
[FromServices]*
[FromKeyedServices]*

*The last two are brand new to .NET Core 8.x & I will not cover them here. However, I will cover the first four Attributes with full examples.

Background

While writing another article where every user gets their own database (coming soon) I hit an issue with Auto-Binding parameters in .NET Core WebAPIs.

I have written a number of .NET Core WebAPIs but I've noticed that at times it has been easier than others. I generally like my WebAPIs to use [FromBody] to get the data from the posted body.

However, I discovered the exact reason why this would fail for me in certain situations.

Using FromQuery On the WebAPI Parameter

Let's start out with what I consider the simplest method of posting data, using the [FromQuery] attribute on the WebAPI method.

Source Code

I'll add the shortest amount of code here that makes it possible to create a quick discussion but if you want to see the source code you can download it from the top of this article or get it at my GitHub repo.

I'll create very small project of minimal WebAPIs and the methods will be named the same in almost every case, except they will include a number for each example so you can fired up the WebAPI locally and try the examples yourself if you like.

Start WebAPI: Use Browser To Test

Once you start the WebAPI (from the downloaded code) you can load the URL and use your browser console to use JavaScript Fetch API to POST to the WebAPI. Here's snapshot of what that looks like:

[FromQuery] Sample Code

C#
[HttpPost] public ActionResult RegisterUser1([FromQuery] string uuid)

In our Minimal API you will see this method defined in the following way:

app.MapPost("/RegisterUser1", IResult ([FromQuery] string uuid) =>   {
    return Results.Ok(new { Message = $"QUERY - You sent in uuid: {uuid}" });
});

JavaScript Fetch For [FromQuery]

JavaScript

fetch(`http://localhost:5247/RegisterUser1?uuid=987-fake-uuid-1234`,
      {method: 'POST'})
        .then(response => response.json())
        .then(data => console.log(data));

That one is easy enough. If you provide the queryString item (?uuid) in the URL then the item will be auto-bound to the uuid string variable and you'll get a valid result back. However, if you don't provide the queryString value, then an error will occur in the WebAPI when it attempts to auto-bind.

Error

An unhandled exception has occurred while executing the request.
Microsoft.AspNetCore.Http.BadHttpRequestException:
Required parameter "string uuid" was not provided from query string.

Using FromForm On the WebAPI Parameter

Let's define our second WebAPI method using the [FromForm] attribute.

app.MapPost("/RegisterUser2", IResult ([FromForm] string uuid) =>   {
    return Results.Ok(new { Message = $"FORM - You sent in uuid: {uuid}" });
})

NOTE - AntiForgery

As soon as I started running Fetch against the command above, I started getting an odd error message on the WebAPI side which looked like:

Unhandled exception. System.InvalidOperationException: Unable to find the required services. Please add all the required services by calling 'IServiceCollection.AddAntiforgery' in the application startup code. at Microsoft.AspNetCore.Builder .AntiforgeryApplicationBuilderExtensions .VerifyAntiforgeryServicesAreRegistered(IApplicationBuilder builder)

Breaking Change To .NET Core Minimal WebAPIs

Luckily I was able to search and discover what the problem is and how to fix it. Sheesh!

Breaking change: IFormFile parameters require anti-forgery checks - .NET | Microsoft Learn

Slightly Changed WebAPI for FromForm

app.MapPost("/RegisterUser2", IResult ([FromForm] string uuid) =>   {
    return Results.Ok(new { Message = $"FORM - You sent in uuid: {uuid}" });
})
.DisableAntiforgery()

Sheesh! It's always something!

JS Fetch Call For FromForm

There's some setup to pass our data on a web form. First we have to create the FormData object and add our name/value pairs. After that we can post the data.

JavaScript

// 1. Create the FormData object
var fd = new FormData();
// 2. Append the name/value pair(s) for values you want to send
fd.append("uuid", "123-test2-2345-uuid-551");
fetch(`http://localhost:5247/RegisterUser2`,{
      method:'POST',
     body:fd,   // add the FormData object to the body data which will be posted
})
.then(response => response.json())
.then(data => console.log(data));

Now that we've used two different attributes that have worked well. Let's delve into using [FromBody] attribute which will present great difficulty.

Using FromBody On the WebAPI Parameter

app.MapPost("/RegisterUser3", IResult ([FromBody] string uuid) =>   {
    return Results.Ok(new { Message = $"FORM - You sent in uuid: {uuid}" });
})

JavaScript Fetch Call for FromBody Is Problematic

At first look, this one should be easy, because you may think you should just be able to pass in a string value on the body. That's what I thought, anyways.

Doesn't Work

JavaScript

fetch(`http://localhost:5247/RegisterUser3`,{
      method:'POST',
     body:"yaka-yaka",   
})
.then(response => response.json())
.then(data => console.log(data));

However, that won't even make it past your browser, because it expects you to define an object (between two { } curly braces) for the body.

Next, you may believe you can just create an object which includes the name of the target param (uuid) and pass that, something like the following:

Doesn't Work 2

JavaScript

var data = {"uuid":"yaka-yaka"};
fetch(`http://localhost:5247/RegisterUser3`,{
      method:'POST',
     body:data,   
})
.then(response => response.json())
.then(data => console.log(data));

That doesn't work and won't get past your browser either. Again, it believes the body object is constructed improperly.

Doesn't Work 3

JavaScript

fetch(`http://localhost:5247/RegisterUser3`,{
      method:'POST',
     body:{"uuid":"this-is-uuid-123"},   
})
.then(response => response.json())
.then(data => console.log(data));

Still doesn't work. you will get a 415 Unsupported Media type. So you need to add the Content-Type object and set it to JSON so the Fetch call knows you intend to make the call with JSON. That has happened because you added the curly brackets to the body.

Doesn't Work 4: But Does Hit WebAPI

This one does actually hit the WebAPI.

JavaScript

fetch(`http://localhost:5247/RegisterUser3`,{
      method:'POST',
     body:{"uuid":"this-is-uuid-123"},   
    headers: {
           'Content-type':'application/json; charset=UTF-8',
       },
})
.then(response => response.json())
.then(data => console.log(data));

However, now you get the error from the Server which states:

Auto-Bind Error: WebAPI Couldn't Bind to Variable

Microsoft.AspNetCore.Http.BadHttpRequestException: Failed to read parameter "string uuid" from the request body as JSON.

This is an auto-bind error, because the WebAPI didn't see the uuid value, even though we did pass it in with our body object.

At this point I was flabbergasted.

What's The Issue: How Do You Solve It?

Well, you can't solve it on the JavaScript side. Come to find out, you cannot pass a string value directly to the WebAPI as a parameter. Instead you have to create a server-side object that matches the client-side object.

Creating The Server-Side Object

Here's the new class we'll add to our Program.cs (just for sample purposes):

record UuidHolder{
    public string uuid{get;set;}
}

Define RegisterUser4 For Working Example
We will use the following WebAPI for our working example:

app.MapPost("/RegisterUser4", IResult ([FromBody] UuidHolder uuid) =>   {
    return Results.Ok(new { Message = $"BODY - You sent in uuid: {uuid.uuid}" });
})

This will keep the RegisterUser3 WebAPI method so you can see that it is impossible to get it to bind.

Now, we have to slightly alter our JavaScript Fetch call to also use JSON.stringify() and then everything will work.

JS Fetch For FromBody & Using JSON.Stringify

JavaScript

fetch(`http://localhost:5247/RegisterUser4`,{
      method:'POST',
     body:JSON.stringify({"uuid":"this-is-uuid-123"}),   
    headers: {
           'Content-type':'application/json; charset=UTF-8',
       },
})
.then(response => response.json())
.then(data => console.log(data));

It works!

I thought that sending the data in on the body would've been the easiest way, but it is the most difficult. Let's cover the last one (FromHeader) and wrap this up.

Using FromHeader On the WebAPI Parameter

Here's the last one which allows us to put our data in the header and post it.

app.MapPost("/RegisterUser5", IResult ([FromHeader] string uuid) =>   {
    return Results.Ok(new { Message = $"HEADER - You sent in uuid: {uuid}" });
})

JavaScript Fetch For [FromHeader]

This one is very easy to do, but I'm not entirely sure why we'd post data using headers.

However, it does help us auto-bind data to some header value we may have.

fetch(`http://localhost:5247/RegisterUser5`,{
      method:'POST', 
    headers: {
           'Content-type':'application/json; charset=UTF-8',
            "uuid":"123-456-789"
       },
})
.then(response => response.json())
.then(data => console.log(data));

Now, you can auto-bind in .NET Core WebAPI methods using any of the basic attributes and your data will get through. When it doesn't, you'll understand where to look.

Bonus Material OpenApi Documentation

Wow! I just discovered (after publishing my article) that I actually got some free documentation of my APIs via OpenApi.

The dotnet project template added a few lines in the Program.cs file which handles generating documentation.

app.UseSwagger();
app.UseSwaggerUI();

Then, on each post method I had added the following call:

.WithOpenApi();

How Do You View OpenApi Documentation?

I searched all over the web and scanned this lengthy document that explains OpenApi documentation but it never showed me how to view the docs. It's crazy! I finally found out how to view the autogenerated docs here.

To examine the documents start up the webapi and go to : http://localhost:5247/swagger

You will see the following:

You Can Also Try Out The Api Via Curl

The document is active and you can now try out the API via the UI. It uses curl in the background to post to the webapi and you're going to see that curl can post properly to the body method. However, it fails on the FromForm one. Really interesting.

So Long Again, Wayland, You Were Almost There

raddevus — Tue, 11 Jun 2024 19:05:57 +0000

Originally published at my blog: So Long Again, Wayland, You Were Almost There

Background

I’m running Ubuntu 22.04.4 LTS on my main desktop machine.

I switched from Windows 10 (after 28 years of using Windows exclusively) and I’m quite happy on Ubuntu.

I use my Ubuntu machine to :

Remote into Win10 work machines (I use Remmina (Remmina remote desktop client – Remmina[^]) & it is far better than Windows RDP)
Run VirtualBox which hosts my Win10 machine for rare instances when I need to do something Windows-based

The Bug That Drove Me Crazy: Stutter-typing

A few months ago a bug arose in an uknown-to-me package named Mutter which caused the Linux terminal to stutter when you’re typing.

At times, because I type so fast, the terminal would drop letters and I’d have to back up and retype my command. Oh it was agonizing — and it was subtle because I kept thinking, “maybe it is fixed…can’t tell…” then the stuttering!! Oy!

Special Set Of Hardware & Software Causes the Problem
A user had to be running Ubuntu 22.04 and have the following:

Mutter: 46.0
Present in XOrg (aka X11): Yes
Graphics: NVIDIA 550.67

I have an NVIDIA 1660 installed on my machine and I was still on X11.

Suggested Fixes

The suggested fixes were not great and one of them was ridiculous. The ridiculous one was “update to Ubuntu 24.04” which is kind of a major change. I was against it so I suffered through.

I Noticed Wayland

But, then, on Jun 07, 2024 I finally had enough because the terminal slowness was just driving me crazy.

I read over the solution posted at AskUbuntu (https://askubuntu.com/questions/1509058/input-delay-on-terminal-ubuntu-22-04-4/1516935#1516935)[https://askubuntu.com/questions/1509058/input-delay-on-terminal-ubuntu-22-04-4/1516935#1516935] and I noticed that it said:

Present in XOrg: Yes
Present in Wayland: No

“Ok, that sinks it”, I thought. “I’m moving to Wayland.”

Let’s Move To Wayland
But, you may ask, why weren’t you already on Wayland?

That’s a great question. It’s becuase when I upgraded to Ubuntu 22.04 and tried Wayland I had two major issues:

When connecting to remote Win10 boxes using Remmina I couldn’t ALT-TAB through processes (Why doesn’t Remmina handle sending Alt-Tab to remote computer on 22.04 Jammy Jellyfish?)
The Android emulator wouldn’t start under Wayland (Why won’t my Android emulator start on Ubuntu 22.04?)
So I figured I’d switch over to Wayland and try those two things and if they worked I’d stay on Wayland.

Tried It & Both Were Resolved

I switched over to Wayland — the new system makes it very easy to do so — both of those issues were resolved.

“That’s great”, I thought. “I guess I’m a Wayland user now.” But, unfortunately, it was too fast.

Why I Left Wayland Again

Today, I needed to share my screen in MS Teams but when I went to the area where the functionality should be in my Linux MS Teams installation, I could not find the Share Screen functionality.

MS Teams: No Share Screen Functionality

I couldn’t figure it out at first and then it dawned on me, “I wonder if this is because of Wayland!?!”

NOTE: This is the MS Teams Linux installation (a .deb pkg) which Microsoft has basically hidden now. But you can still get it at: (https://mirror.slackware.hr/sources/teams/teams_1.5.00.23861_amd64.deb)[https://mirror.slackware.hr/sources/teams/teams_1.5.00.23861_amd64.deb]

I logged out, hit the gear icon and started Ubuntu 22.04.4 without Wayland (running X11 again).

I started up MS Teams and started a call with one of my Team members and discovered that I do have the Share Screen functionality again.

This may very well be a bug in MS Teams, however, I need that functionality so I’ll be running X11 until it is resolved.

I was happy to finally be on Wayland, but unfortuantely it wasn’t meant to be. X11 is running great and the Mutter bug is resolved (sooooo glad) so all is good again. Too bad I had to say bye to Wayland though.

What’s Your Experience On Wayland or X11?

Which one are you running: Wayland or X11?

What is your experience with Wayland?

Are your apps working properly?
Leave a comment and let me know.

Is Dependency Injection the Missing Technique That's Holding Your Career Back?

raddevus — Mon, 12 Feb 2024 19:57:51 +0000

Get The Code

As you read this article, you are going to see a lot of code snippets. You can get the source code to the entire project and run it using .NET Core. All source code is at my GitHub: https://github.com/raddevus/InterfaceStudy

Introduction

Yes, the title of this article was an attempt to get your attention. But, I hope you'll stay with me, because I've been learning & using OOP (Object Oriented Programming) for 30 years and Dependency Injection (DI) still sometimes alludes me and annoys me. I'm very interested in what you think of DI.

Dependency Injection Has Taken Over OOP?

I understand the benefit of using DI but there are places where it feels as if it obscures the clarity of code. At this moment in "Software Development History", it seems that Dependency Injection has taken over almost every other idea in OOP. I want to talk about that and hopefully get feedback from you about how you feel about it.

DI: Promises, Promises

The promise of Dependency Injection (DI) is that code is more loosely coupled.
Loosely coupled code means you should be able to switch out pieces more easily.

That should mean that extending your code and changing it is easier.

Large Projects With DI Architecture?

However, I don't know if you've been on any larg(er) projects where much of the architecture is based upon Dependency Injection, because they can be very odd to debug and deal with. Especially if there is a IoC (Inversion of Control) Container involved -- the company I work for uses Microsoft Unity (see UnityContainer.org for more) -- this is not the Unity game engine.

Background

In the past 4 - 6 years the company I work for has pushed DI to the forefront: all code that is created must use DI, there are no exceptions.

Write / Log Anywhere

I've also often thought about a specific solution that I'd like to see which allows me to write code debugging statements to a file, to a database or even post them to a WebAPI.

Request For Comments (RFC)

I finally created a good start the contains full implementation of my idea which is:

Built on full Dependency Injection concept
Guides the implementor to use the code to build their implementation

I'm really hoping that you'll take a look at my design and tell me what you think.

I'm hoping that if you've never really dealt with Dependency Injection it'll open your eyes and make you consider where you might use it.

But I'm also hoping that some of you will give the counterpoint (why you don't like it) also.

Now, let's get started as I try to explain what I'm trying to get there and why I'm using Dependency Injection for this design.

It All Starts With Behaviors

Interfaces are really just contracts of behavior. They have no implementation, but instead are just a promise of some future behavior that will be provided by the classes.

What I Want

I want a way to track the activity that is going on in my code. I want a way to quickly and easily add a line of code which :

Logs a message that I provide
timestamps the message
WriteActivity Method

To me, that sounds like a WriteActivity method.

I'm going to add that to an Interface and here it is:

public interface ITrackable
{
    bool WriteActivity(String message);
}

That's it. The method will take a String message that will be stored and it will return a bool (true if successful, otherwise false).

Forcing the Implementor

Now, keep in mind that this contract of WriteActivity is really a way to force the implementor (developer who uses Interface) to implement this method.

Next Question: Where Will It Write the Message?

We need a way to tell it to write to Storage of some kind. In this case I'm thinking of three possible choices (there could be more in the future):

file (need a path and file name)
database (need a database and table)
WebAPI endpoint (need a URL)

Different Storage Types: Different Configurations

In each case I need a different type of configuration.

Well, the first thing I'm thinking here is that I can store the file, the database connection or the URL as a string. Okay, let's force the implementor to also implement a place to hold the string which will represent the target storage. Plus we need a Configure() call to always be called to insure that the StorageTarget is set, so let's add those now.

public interface ITrackable {

  bool WriteActivity(String message);

   // StorageTarget is one of the following:
   // 1. full-filename (including path)
   // 2. DB Connection string
   // 3. URI to location where data will be posted.

   // StorageTarget will wrap the private var 
   // used to contain the filepath,
   // connectionString, URI, etc.

   String StorageTarget { get; }
   // We need to insure that the Configure call is always made before the 
   // implementation class is instantiated.  We'll see how to force this.
   bool Configure();
}

So Little, Just An Idea Really

It's odd, because so far, it is not much of anything. There's no implementation and barely anything here. As a matter of fact, the new StorageTarget variable is read-only and can't even be set.

Very Generic

That's because I want the user to define a String variable name of their own to hold the StorageTarget. You see the StorageTarget may be a file path or it may be a connection string to a database. So I need this thing to be very generic.

Let's keep going and see if it makes any sense.

Forcing the Implementor To Initialize

There's one more thing I want to force the implementor to do when using this design. I want the implementor to always run a Configure() method before any other code runs.

I want the implementor to do this because there will be different required configuration / initialization for each of the TargetStorage types.

Example With A File

In the case of a file, we will need a target file path to be set so that when the WriteActivity() method calls it will write to the correct (expected) file.

However, it will be different for a database table.

Example With A Database Table

When the TargetStorage location is a database connection string then the configuration will be different. It will consist of a connection string which points to a database and a table and sometimes other information.

Note: In our implementation I will be using Sqlite database because you will be able to run all of the code very easily -- no special database set up like sql server or mysql.

I can't force an implementor to call a method with an Interface. However, I can do so with an abstract class.

Abstract Class: Part Virtual, Part Implementation

public abstract class Trackable, ITrackable {

  public Trackable(){
     Configure();
  }

  // Since we are derived from ITrackable 
  // we have to "implement" 
  // the ITrackable methods, but we 
  // want the implementing class to 
  // implement them so we are going 
  // to make them abstract here.
  public abstract bool Configure();
  public abstract bool WriteActivity(String);
  public abstract String StorageTarget{get;}

}

We have four methods, three abstract (unimplemented) and the other implemented (constructor):

Trackable() constructor calls Configure()

The rest of the methods are the ITrackable methods that we are forced to "implement" but we've made them abstract so the target implementation class will have to write those implementations.
Now, let's finally see what an implementor will do to build on top of the ITrackable and Trackable classes. After that, we can talk about whether or not it is valuable and helpful.

Finally, A Realized Class: Implementation Rules!

Let's do this in steps. First let's just add the class.

public class FileActivityTracker : Trackable
{

}

A Trackable is a ITrackable (via inheritance) so that means our FileActivityTracker is a ITrackable. This will become important later.

If you do that and then try building the program you'll get some errors from the C# compiler that look like:

error CS0535: 'FileActivityTracker' does not implement inherited abstract member 'Trackable.Configure()'
error CS0535: 'FileActivityTracker' does not implement interface member 'ITrackable.StorageTarget'
error CS0535: 'FileActivityTracker' does not implement interface member 'ITrackable.WriteActivity(string)'

The compiler is warning us that we have not implemented the items which are defined in the abstract class and Interface.

Let's implement the Configure() method first.

Note: Linux or Windows

I wrote this code so it runs on both Linux and Windows so you'll see an odd thing where I get the Path.DirectorySeparatorChar for use in the path (on Windows it is backslash \ but on Linux it's slash /) but that is just overhead and not related to the true Configure() method.

In reality, you would probably just read the FileName from a configuration file and that'd be it.

I added some special code here so it will create a file in your userprofile\temp directory.

On Windows that is \users<user.name>\temp\
On Linux that is /home//temp/

Then, after that line I've added a Console.WriteLine() which will let us know when the Configure() method runs.

This is just for demonstration purposes, because I want you to see that the method runs before the implementation class (FileActivityTracker) runs.

Real Implementation, Probably Uses App.Config

My point is that in the real implementation, the only code that would really be in the Configure() method is the code to set up the FileName that will be written to. And that would probably come from some startup config (app.config) that is read when the app starts.

And, oh yeah, keep your finger on that FileName variable because it is really a backing field to the class TargetStorage Property that we need to add (below). Hopefully, it'll make more sense in a moment.

public override bool Configure(){
   char pathSlash = Path.DirectorySeparatorChar;
   Console.WriteLine($"{DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss.fff tt")} : Configure() method called! ");

   // read values from configuration
   FileName = @$"{Environment.GetFolderPath(Environment.SpecialFolder.UserProfile)}{pathSlash}temp{pathSlash}InterfaceStudy.log";

   return true;

}

We are also missing the implementation of StorageTarget so let's add that property now.

StorageTarget: Just A Pass-thru Property

In an attempt to force the implementor to understand that she will need a place to store the file name, connection string etc. I've added this StorageTarget thing. However, it is really just a common variable name that we use to get to the true value that holds the value of target.

The user will create a private backing field which has a more definitive name for what the StorageTarget is. In my example I name that backing field FileName. Here's the code that will be added to our FileActivityTracker class.

private overrid String FileName;

public override string StorageTarget
{
   get
   {
       return FileName;
   }
}

The FileName variable cannot be touched externally and can only be set from within the FileActivityTracker class

Finally, we get to see the implementation of the WriteActivity(String message) method and I believe that will all make it a bit clearer.

public override bool WriteActivity(String message)
{
  try
  {

    File.AppendAllText(StorageTarget, $"{DateTime.Now.ToLongTimeString()}: {message} {Environment.NewLine}");
    return true;
  }
  catch (Exception ex)
  {
    return false;
  }
}

Keeping It Simple

The WriteActivity method is very simple. It is just a call to File.AppendAllText (part of .NET libraries) to write a line of text to a text file.

File.AppendAllText takes two parameters:

Full file path to the file the method will open and write to
An output string to write to the target file
The magic in our implementation is that the first parameter is our StorageTarget. It is our generically named String which was configured to point to our target file.

The output just contains some additional information which is added to the user's message variable. In this case we add a DateTime stamp and a newline so that each time we write to the file it will be on a new line.

How Do We Use The Class?

Seeing how to use the class brings it all home.

Hiding the Details of the Implementation

One of the key features of seeing a simple usage is that we discover that the details of all of this implementation are hidden to the user and that is a huge benefit. The user of the final implementation class doesn't have to think about all of this.

ITrackable fat = new FileActivityTracker();
fat.WriteActivity("The app is running.");

All the user needs to do is:

new up a FileActivityTracker
Call the WriteActivity method to write a message.

In our case with the example, the output will be stored in a file named InterfaceStudy.log and the output will look like:

5:26:38 PM: The app is running.

ITrackable: Our FileActivityTracker Is ITrackable

It is very important to notice that our FileActivityTracker is actually an ITrackable. That means we could replace this ITrackable implementation with any other ITrackable implementation. We will see how this is important when we create our SqliteActivityTracker and how this allows Dependency Injection.

We Could End the Article Here

I could stop now and you'd have a full example of designing toward the idea of Dependency Injection except we haven't exactly injected anything have we?

To really understand why this technique of designing to an Interface is important we need to see how The FileActivityTracker could be easily replaced by another class. We also need to see the actual concept of injection.

Constructor Injection

What does injection mean anyways? In our case it is going to mean injecting a particular type into a class that will use our type. How will we inject the type? We will send it into the class via the constructor. This is called constructor injection.

What Is the Point?

But, what is the point of all of this? Let's say you have a class that has a method named WriteActivity() -- same name as the one that we have in our Interface. Let's say that you've implemented the WriteActivity() method so it will write to a file. Again, just as we have in our Interface. Now, further imagine that your method is called all over the place so that users can write messages to the file.

The Change Comes & Destroys Your Code

Then someone at a high level says,

"We can't write files to the user's drive. We have to store that data in a database."

Now, you'd have to go in and alter the class where you've written your WriteActivity() algorithm and you'd have to test all the places that call the code to make sure it works.

Let's say your class and class usage looks something like the following:

Bad Code Example

class FileWriter{
      String FileName {get;set;}
      WriteActivity(String message){
          File.AppendAllText(FileName, message);
      }

class Thing1 {
       private FileWriter fw = new FileWriter();

       Thing1(){
              fw.WriteActivity("In the Thing1 ctor...");
       }
}

class Thing2 {
       private FileWriter fw = new FileWriter();
       Thing2(){
              fw.WriteActivity("In the Thing1 ctor...");
       }
}

This is a very simple example but really take a look at it and think about it for a moment.

Imagine if you change the FileWriter WriteActivity method. First of all, if you have other classes which are depending upon the class still writing to a file and you update the the method to write to a Database table then you are going to mess up all that other code.

Or, as another example, imagine if the Thing2 class needs to write to the database but the Thing1 should still write to the File. What could you do then? Maybe create an fake overloaded method for WriteActivity that looks like WriteActivity(String message, bool useDB) just so you have a different method signature. That's not great.

Design to An Interface: Design to Behavior

However, if we design to behaviors and then allow just the behaviors to change we make a much easier way forward. Let's see how we might use Dependency Injection with the classes above and our ITrackable, Trackable solution.

class Thing1 {

   private ITrackable fat;

   // Here's the actual Dependency Injection!
   // When we construct the Thing1 object 
   // we inject the tracker implementation 
   // which will be used later 
   Thing1(ITrackable tracker){
        fat = tracker;
    }

    int DoingWork(){

       // This code will write to a file 
       // when fat is a FileActivityTracker
       // and to Sqlite when we implement 
      //  SqliteActivityTracker.
      fat.WriteActivity("In the DoingWork() method...");
   }
}

So, if we inject our FileActivityTracker into Thing1 it will write to a file.

Our calling code might look like:

Thing1 t = new Thing1(new FileActivityTracker());

We can change that at any time without changing any code. That's the value of Dependency Injection.

Probably Set Up In App Configuration

And, when you really carry this out, the call to new FileActivityTracker() would be set up in a app configuration so that when the app starts all of these types are set.

Let's implement a ITrackable that writes to Sqlite now so you can see this in action.

SqliteActivityTracker Implementation Code

public SqliteActivityTracker()
{

   try{
   // ########### FYI THE DB is created (if doesn't exist) when it is OPENED ########
      connection.Open();
      File.AppendAllText(@$"{rootPath}{pathSlash}{tempDir}{pathSlash}InterfaceStudy.log", $"{DateTime.Now.ToLongTimeString()}: {Environment.CurrentDirectory} {Environment.NewLine}");
      FileInfo fi = new FileInfo(@$"{rootPath}{pathSlash}{tempDir}{pathSlash}tracker.db");

      if (fi.Length == 0){
         connectionString = fi.Name;

         foreach (String tableCreate in allTableCreation){
            command.CommandText = tableCreate;
            command.ExecuteNonQuery();
        }
     }

    Console.WriteLine(connection.DataSource);

   }
   finally{
    if (connection != null){
     connection.Close();
    }
   }
}

public override bool WriteActivity(String message)
{

   Command.CommandText = @"INSERT into Task (Description)values($message);select * from task where id =(SELECT last_insert_rowid())";
   Command.Parameters.AddWithValue("$message",message);


   try{
      Console.WriteLine("Saving...");
      connection.Open();
      Console.WriteLine("Opened.");

      // id should be last id inserted into table

      var id = Convert.ToInt64(command.ExecuteScalar());

      Console.WriteLine("inserted.");

      return true;
   }

   catch(Exception ex){
     Console.WriteLine($"Error: {ex.Message}");
     return false;
   }

   finally{
      if (connection != null){
      connection.Close();
   }
 }
}

  // This creates the table for the 
  // sample project so everything is
  // done for you and all the code will run properly.
  protected String [] allTableCreation = {

      @"CREATE TABLE Task  
      ( [ID] INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
        [Description] NVARCHAR(1000) check(length(Description) <= 1000),
        [Created] NVARCHAR(30) default (datetime('now','localtime')) check(length(Created) <= 30)
      )"
  };
}

This Is The Amazing Part: Change Without Changing Old Code

Now that we've implemented that code, all we have to make our Thing1 use the SqliteActivityTracker is the following:

Thing1 t = new Thing1(new SqliteActivityTracker());

Now all the internal (to Thing1) calls to WriteActivity will write to the Sqlite database instead.

Get The Source Code and Try It

You can get the source code and build it and try it.

You will see that the only calling code is the following four lines:

ITrackable fat = new FileActivityTracker();
fat.WriteActivity("The app is running.");

ITrackable sat = new SqliteActivityTracker();
sat.WriteActivity("This is from the app!");

We could've even made that a bit more generic to show that the same ITrackable can carry any ITrackable type by showing the following code:

ITrackable tracker = new FileActivityTracker();

// Writes to the file
tracker.WriteActivity("The app is running.");

// set tracker to carry a SqliteActivityTracker
tracker = new SqliteActivityTracker();

// writes to sqlite db
tracker.WriteActivity("This is from the app!");

Dependency Injection Is Really About Design

As you can see, DI is really about Design and thinking about your classes in a more abstract way.

You have to think about shared behaviors and how you might create classes that support those similar behaviors that are implemented in different ways.

Get The Source & Try It Out

If you get the code you will see that it will write:

Write to a InterfaceStudy.log file
Create and write to a Sqlite db (tracker.db in same location as file)

You'll see output something like the following:

2024-02-12 11:14:16.358 AM : Configure() method called!
2024-02-12 11:14:16.394 AM : FileActivityTracker ctor...
/home//temp/tracker.db
/home//temp/tracker.db
Saving...
Opened.
inserted.

New Ideas & Comments?

I hope this has given you some new ideas about this concept and I hope you'll comment about what you like and don't like.

Software Devs: We Live In a World Of Broken Things

raddevus — Tue, 09 Jan 2024 16:40:19 +0000

I'm building a iOS (iPhone) app which makes requests to a C# .NET Core WebAPI back-end.

I'm creating the WebAPI back-end as I create the App itself. There's a lot of back-and-forth as I change a thing in the App and then need the WebAPI to give me different data.

Everything's Broken

It started me thinking about how that as I work on the project, at any moment either the App or the WebAPI is broken.

It gets worse really, because any time I change the WebAPI then I have a broken App and I have to fix things over there. It's back and forth between the too and just makes a developer feel like everything is garbage.

How Do Minds Deal With Broken Stuff?

That started me thinking about my interaction creating the new software and how that actually affects me. The thing is that no one really wants to deal with broken things and always fixing things. Your mind will work against you as you face the software you are working on, because we want things to "just work".

It feels terrible as we confront all the broken pieces of the thing we are trying to create. But, that's just how your mind deals with things. It tries to run away from difficult things that are in disarray. Brains like things to be organized and perfect, but the real world just isn't that way.

That's just a normal brain being normal.

Super-Power: Being Able To Deal With Broken Things

However, if you take a moment to assess why you feel grumpy or uncomfortable or upset as you work on the project that is in broken pieces you'll discover it is just because of wanting things to be right.

Things can't get right though, unless you confront each challenge and beat it.

Break Broken Things Into Small Pieces

My best advice (and what I'm doing in my project) each challenge into smaller things to resolve and then just work on one of them.

Make a list so you don't feel overwhelmed -- I've found that often when I think there are a ton of things to do it's only a few when I actually write them down
Start with the smallest thing you can succeed with
Turn the challenge into a Learning Experience. Take the problem and decide that you will solve this so no one else ever has to because you will document the challenge and its resolution (this helps you get the focus off the bad feelings of things being broken and puts the focus on doing the work to resolve the issue

Now, I'm going to head back over to my iOS App / WebAPI and

work on the smallest thing I can fix
look at it as a learning / documenting experience

If you're stuck, break your challenges down into small pieces and examine them as if you are going to explain the solution to someone else.
Good luck.

Password Problems (1 of 10): You Need Your Passwords On Every Device You Own

raddevus — Fri, 06 Oct 2023 12:42:29 +0000

Introduction

I've been working on and using C'YaPass (password generator / manager) for over 8 years now but I haven't invested a lot of time to explain how it can help make your life easier so I am writing a series of articles to do that.
First Problem: You Need Your Passwords Everywhere

I use all of the following devices on a daily basis:

iPad Pro
Windows 10 Laptop
iPhone
Linux desktop (Ubuntu 22.04.2 LTS)

I need to be able to sign on from any one of these devices at any time.

I’m writing this article in Google Docs on my iPad while sitting on my front porch and when I need to sign into my Google account I need my password to be available.

I previously had an Android phone and needed my passwords there too.

C'YaPass WebApp Runs On All Devices

C’YPass makes that possible because the Web App will run on any device. That means no matter where you go you can get to your passwords.

Even if you are using a public computer or you've gone online on a friend's computer, you’ll be able to get your passwords.

C’YaPass Doesn’t Store You Passwords On Any Device

However, keep in mind that C’YaPass never stores your passwords anywhere. That’s a big deal because it keeps your passwords more secure than any other system.

C’YaPass Generates Your Passwords

C’YaPass uses your (required) SiteKey and (required) geometric pattern and if you choose, your Multi-Hash* value to generate a random password every time you use the system and select the SiteKey.

*More about Multi-Hash in an upcoming article in this series.

Since the password itself is generated every time, you never have to worry about your passwords being stolen from your system or some cloud account.

It sounds impossible to reproduce the generation of a random password every time, but there is a much longer explanation of this here in my older LinkedIn article at: https://www.linkedin.com/pulse/destroy-all-passwords-never-memorize-password-again-roger-deutsch/

Try C'YaPass: No Installation Required

You can try it out right now in your web browser on whatever device you're reading this article from. Here's a quick step-by-step guide to what it will look like when you try it.

Step-By-Step Guide

Go to the Web App on the official C'YaPass site: https://cyapass.com/js/cya.htm

You'll see the following:

Add a new SiteKey -- this is a mnemonic to remind you which site you are using this password for. It is used in conjunction with your geometric pattern (in the next step) to generate your random password. I'll Click the [Add] button and add a new SiteKey : bigBank

A pop-up dialog will appear and I will set all of the Password Requirements that the site forces me to use. A Password Requirement is any one of those annoying things you have to remember when creating your password (use uppercase, include special character, password can only be a certain max length (a ridiculous requirement)). Once you filled all of those out you'll see:

Creating SiteKey with password requirements

Click the [OK] button and your new SiteKey will be saved with the associated Password requirements and you'll see the main page again with the new SiteKey available.

Now, let's draw a pattern in the grid on the right and our randomly generated password will appear. Please note, you probably do not want to ever use the pattern I'm showing below. It the same geometric pattern I use for all my samples. Since the SiteKey and the geometric pattern are used to generate the random password, you need to keep them secret.

Password is generated & copied to clipboard

I've highlighted two important areas (in green boxes) in the previous snapshot. The first area (on left) is showing the Password Requirements that have been set because we chose this SiteKey (bigBank) which has all three of them set.

The second area (on right) is the generated password. However, you will notice that the password doesn't yet include a special character. That's because we need to type one in the Special Characters text box.

C'YaPass requires that you type that special character each time you start the app for one more level of security. However, when you type that special character in there, it will use that character for any other SiteKeys that you select making less work for you to do. We'll use the special character $ (dollar sign). As soon as you type the special character in, the password will be updated to include it

Special character is added

Adding a 2nd SiteKey

Now, let's see how easy your life will be using C'YaPass when you have many more sites you need to log into (more SiteKeys) by adding a new one. Click the [Add] button again and add a new SiteKey: myMail@gmail.com -- We'll make the only password requirement to use a Special Character so you can see how that works.

As soon as you click the [OK] button to save the SiteKey A) The SiteKey will be added to your list B) the new password will be generated C) The special character will be added automatically to the password D) the password will be copied to your clipboard so you can paste it into the site where you need to login.

64 character password is generated with special character

Take note of a couple of things. First of all the 64 character password is generated and since this SiteKey includes a special character and you've already typed it into the text box it is automatically included in the generated password. The app also copies your password to your system clipboard so you can easily paste it into the your site to login. However, some web browsers (especially on iPhones) don't always run the copy to clipboard command properly.

That's where the green highlighted button to the left comes in: it is the copy-to-clipboard button. If the password isn't copied automatically just click the button and it'll be copied.

Now you know the basics of using C'YaPass.

SiteKeys Are Never Transferred Anywhere

The SiteKeys you create in your browser will only be available on that particular browser on that particular device. They are never transferred anywhere. You own your SiteKeys and you decide where you will use them.

Destroying The SiteKeys

As a matter of fact, you can destroy all the SiteKeys you created in our practice session above by simply clicking the [Remove All SiteKeys] button.

When you click the [Remove All SiteKeys] button you will have a chance to [Cancel] the operation. A dialog box will popup and warn you. If you want to keep the SiteKeys, just click the [Cancel] button. If you do want to destroy them, click the [OK] button and they will be permanently deleted.

Warning: There is no way to get them back after you destroy them.

Popup dialog allows you to cancel removing all SiteKeys

How Do You Get Your SiteKeys On All Devices?

But, if the SiteKeys (along with your geometric pattern) are required to generate all of your passwords then how can we get them onto all your other devices?

Answer: Export & Import

That's where the Export & Import SiteKey functionality comes in. But that is for another article in the series.

If you're really interested in how that works you can read a previous article I wrote up on the CodeProject.com web site at: https://www.codeproject.com/Articles/5338047/C-YaPass-The-Best-Password-Manager-You-ve-Never-Us

Thanks for reading my article and checking out C'YaPass.

More To Discuss: Future Articles

There's a lot more to discuss so here's a list of topics for upcoming articles (one released every day):

Getting the desktop app (Can be installed on all major Operating Systems (MacOS, Linux, Windows 10/11)
Getting the Android app
Typing Strong Passwords Using Your Thumbs Is Terrible (Making Mobile easier)
Switching To A Password Manager Is A Pain (But It Doesn't Have To Be)
Passwords Are Difficult To Share (But It Doesn't Have To Be)
Web Sites Have Stupid Password Requirements
There Are Too Many Things to Sign Into & Too Many Passwords

Getting The App Now: Spoiler Alert

Windows App Store

You can install the Windows app from the Windows App Store: https://apps.microsoft.com/store/detail/cyapass/9PFD82D1Z7RW?hl=en-us&gl=us

Google Play

You can install the Android app from Google Play: https://play.google.com/store/apps/details?id=app.actionmobile.cyapass

Linux Snapcraft

You can even install the desktop app directly to your Linux distro from Snapcraft:

https://snapcraft.io/cyapass

MacOS Installation

I'll update the official site (https://cyapass.com) with the MacOS DMG (installation file) very soon.