36 Matching Annotations
  1. Feb 2024
  2. Dec 2023
    1. Token-based authentication (also known as JSON Web Token authentication) is a new way of handling the authentication of users in applications. It is an alternative to session-based authentication.
  3. Sep 2023
  4. May 2023
  5. Feb 2023
    1. The reason is Rails only reads and creates the session object when it receives the request and writes it back to the session store when the request is complete and is about to be returned to the user.
    2. Session race conditions are very common in Rails. Redis session store doesn't help either! The reason is Rails only reads and creates the session object when it receives the request and writes it back to the session store when the request is complete and is about to be returned to the user.
    1. As you can see from the example, the session cookie is updated on every request, regardless of whether the session was modified or not. Depending on which response gets back to the client last, that's the cookie that will be used in the next call. For example, if in our previous example get_current_result's response was slower than get_quiz, then our cookie would have the correct data and the next call to update_response would have worked fine! So sometimes it will work and sometimes not, all depending on the internet gods. This type of race condition is no fun to deal with. The implication of this is that using cookie storage for sessions when you are doing multiple ajax calls is just not safe.
    2. A better solution would be to use a server-side session store like active record or memcache. Doing so prevents the session data from being reliant on client-side cookies. Session data no longer has to be passed between the client and the server, which means no more potential race conditions when two ajax calls are made simultaneously!
  6. Dec 2022
    1. the first section i call who do you think you are what a self is and why you really do think you have one no matter how long you've been practicing 00:12:33 second why you really don't have the self you think you have third an exploration of what you are and that's where we'll really talk about personhood

      !- first session : has three sections - who do you think you are -why you so strongly believe you have a self, in spite of years of meditation - why you really don't have the self you so strongly feel you have - what you really are

  7. Sep 2021
  8. Mar 2021
  9. Dec 2020
    1. import { observable, reaction } from 'mobx';
       const store = observable({
         players: [
           "Player 1",
           "Player 2",
         ],
         // ...
       })
       // Persist the whole store to localStorage, debounced by 500 ms
       reaction(() => JSON.stringify(store), json => {
         localStorage.setItem('store', json);
       }, {
         delay: 500,
       });
       // Restore any previously saved state on load
       let json = localStorage.getItem('store');
       if (json) {
         Object.assign(store, JSON.parse(json));
       }
    1. The only solution that I can see is to ensure that each user gets their own set of stores for each server-rendered page. We can achieve this with the context API, and expose the stores like so:
       <script>
         import { stores } from '@sapper/app';
         const { page, preloading, session } = stores();
       </script>
       Calling stores() outside component initialisation would be an error.

      Good solution.

    2. One way to do that is to export them from @sapper/app directly, and rely on the fact that we can reset them immediately before server rendering to ensure that session data isn't accidentally leaked between two users accessing the same server.
    1. This is the accepted way to handle problems related to authentication, because user data has a couple of important characteristics:
       - You really don't want to accidentally leak it between two sessions on the same server, and generating the store on a per-request basis makes that very unlikely
       - It's often used in lots of different places in your app, so a global store makes sense.
  10. Jul 2020
  11. Jun 2020
  12. May 2020
  13. Apr 2020
    1. One of the drawbacks of waiting until someone signs in again to check their password is that a user may simply stay signed in for a long time without signing out. I suppose that could be an argument in favor of limiting the maximum duration of a session or remember-me token, but as far as user experience, I always find it annoying when I was signed in and a website arbitrarily signs me out without telling me why.
  14. Mar 2020
    1. I would like to make an appeal to core developers: all design decisions involving involuntary session creation MUST be made with great caution. In the case of a high-load project, avoiding creating a session for non-authenticated users is a vital strategy with a critical influence on application performance. It doesn't really make a big difference whether you use a database backend, or Redis, or whatever else; eventually, your load would be high enough, and scaling further would not help anymore, so that either network access to the session backend or its “INSERT” performance would become a bottleneck. In my case, it's an application with 20-25 ms response time under a 20000-30000 RPM load. Having to create a session for each session-less request would be critical enough to decide not to upgrade Django, or to fork and rewrite the corresponding components.
  15. Feb 2020
    1. Do
       - Browse like a user would
       - Take natural pauses that users would take to consume page content
       - Focus on the most common use cases, rather than all the possible use cases
       - Take note of pages where forms/logins occur, you will likely need to complete some scripting there
  16. Jan 2020
    1. Engaging Donors of Color in Arts Philanthropy

      Attended

      A. This forum was very interesting and well organized. Each speaker discussed what changes they want to make or took part in, what is their idea of making a difference and what steps we should take to solve these issues. B. The leadership qualities definitely included being mindful of others, very pragmatic discussion and one that was open to the audience. C. The panel was based both on research and experience and I believe that being a leader in the arts field means using both to being more inclusive and understanding the language we use. D. This forum was definitely my favorite and I found it very valuable. The speakers gave some beneficial advice on community building, commitment to inclusion, and to understanding how the board, staff and programming can impact the mission of an arts org.

    1. Arts and Climate Change Forum

      Attended

      A. The Arts and Climate Change Forum discussed ways in which artists and arts organizations can "respond, react and engage through art" to save the planet. The leadership practices included mostly allowing the audience to share their ideas of innovative ways to be more eco-friendly. B. The three panelists shared how they are dealing with the issue. They were definitely confident in their practice, however I found that certain members of the audience had a better vision and more ideas about dealing with the climate change issue. C. I really enjoyed Jody Sperling's comment. She stated that it is important to remember about the content - building constant awareness, transformative thought, cultivating empathy, modeling interconnectedness and that we, not "me" create the community we live in. I believe this is something any arts admin could use in their future work. D. I find that it was interesting to hear different ideas from arts organizations and the audience members but I did not find the forum too valuable. Going to this panel, I was hoping to get more valuable advice from the panelists and their realistic vision of what we can do, but instead I walked out being a bit disappointed.

  17. Nov 2019
    1. CompizConfig Settings Manager's Place windows plug-in which will allow an application that isn't running to open on its particular workspace at its pre-defined X-Y coordinate,
  18. Aug 2018
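    1. Cookies are stored in the browser and are visible to the client; some programs on the client may snoop on, copy, or even modify the contents of a cookie. A session, by contrast, is stored on the server and is transparent to the client, so there is no risk of sensitive information leaking.

      With a cookie, the entire session object is placed on the client and is easy to read (base64 is only compression, not encryption). With a session, the entire session object is kept on the server, and only a copy of the session id is placed in the client's cookie, so even if someone steals the session id and impersonates the user, they cannot see the session information.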

  19. Feb 2014
    1. Chapter 1, The Art of Community: We begin the book with a bird’s-eye view of how communities function at a social science level. We cover the underlying nuts and bolts of how people form communities, what keeps them involved, and the basis and opportunities behind these interactions.
       Chapter 2, Planning Your Community: Next we carve out and document a blueprint and strategy for your community and its future growth. Part of this strategy includes the target objectives and goals and how the community can be structured to achieve them.
       Chapter 3, Communicating Clearly: At the heart of community is communication, and great communicators can have a tremendously positive impact. Here we lay down the communications backbone and the best practices associated with using it

      Reading the first 3 chapters of AoC for discussion in #coasespenguin on 2013-02-11.