I heard about open source probably the first year I started programming. I liked the idea of software to be not only presented as a final product, but with ability to see how things are done and change something if you want. For me, open source was really related to operational systems and drivers, Linux as great example.

A bit later I realised that open source is also about contribution. If you have a certain skills, you can join the project you interested in and try to help. I’ve seen some nice open source examples – tiny operational systems, drivers, music players. Almost everything was C++. The problem with C++, it’s hard to build something from sources. You typically missing some binaries, headers or SDK’s you don’t have on your machine.

What I like the most about Docker project is new opportunity to deploy and distribute software. Many times I’ve been to situation when I wanted to play with some software and get exited about, but after I read installation manual my excitement totally gone. Non trivial applications, requires quite a lot dependencies: runtimes, libraries, databases.

With docker, the installation instruction got reduced to something like:

1
2

$ docker pull vendor/package
$ docker run vendor/package

Simply like that, forget about missing Java Runtime on your server. It suits perfectly for TCP/HTTP applications.

It’s been a while since my last update on Likeastore progress. It doesn’t mean the application development is stopped, otherwise – we did a final breakthrough and today is my first day in EastLabs business accelerator. Yes, side project we’ve started to have fun on hackathon is becoming a company today.

I always wanted to build a product that could became the foundation for company. I did a few unsuccessful attempts before. There was few reason of failures: either I tried to attack very big problem or I didn’t have enough motivation to make the stuff done.

Since 6 Dec 2013, I’m officially unemployed. I quit my job in E-conomic there I spent almost 3.5 years of happy life. Leaving the company was a really tough decision, but it had to be made.

A lot of things happed during that time. No doubts, E-conomic and Ciklum did the most significant impact of my professional career so far. The reason for that is simple: the people surrounds you are most important aspect in your job. From the very first days, till last ones – I worked with high qualified professionals there.

Sometimes ago I wrote the post, where was thinking about importance of logging of application state to clearly see what’s going on inside and react accordingly. Logging is vital for any reliable system.

If logging is a must from development point of view, analytics is a must from business point of view. You would like to see, how many users signs-in and signs-up during the day, what actions they do inside the app, what issues they use all the time, what issues they never touch.

Following “Invent Own Bicycle” principle, I’ve created small project to attack the problem – Seismo.

So, you are building pure client side application that works against REST API. The client and server are completely decoupled and typically deployed separately of each other.

API’s have one or another way of authenticating it’s users. It could be some simple flows, like basic authorization or more complex ones as OAuth/OAuth2. But at the very end you have token that placed either as cookie value or HTTP request header parameter. API is then responsible to check the token for validity and if it’s not valid respond with 401.

I got used to idea of AMD quite long time ago. That time Require.js was best (and probably only one) good implementation that supports it. It worked great for me while I was involved into Backbone.js development. So, once I jumped in to Angular.js my first wish was reuse the same experience as previously.

There was a few difficulties with that.

This is a small follow up for my previous post, using the same technique not for authorization, but rather for error handling.

Let’s go back, to the problem. I want to handle all errors in my application. Instead of res.send() or res.json(), I want to have a middleware that handles everything by itself. It can be flexible, so I can put any kind of logic there, like logging etc.

It’s very easy to archive with patch the middleware method.

Once you implement HTTP API using Express.js, the security became the concern. There are a lot of different options and strategies, implementing security for API’s. One of the latest I prefer is described here.

Doesn’t matter what the actual strategy is, you have to apply it somehow in your application. In general, HTTP API security goes down to authorization. Having a piece of information in HTTP request (either field in header or value in cookie), by checking one you can say, is this HTTP request authorized or not.

This is transcript of talk I gave on RejectJS conf in Berlin, September 2013. Video is already available here.

What I’m going to talk about is Dokku – pocket-size, very cool and interesting project, that would make you (hopefully) re-think of the code shipping.