Social Logout

Again about the Laravel application involving Google login: it is often used on computers shared among many people, and logging on Google involves that all of the services are then enabled and accessible from that computers. Mostly undesiderable, of course. Socialite logout do not implies Google logout, nor any form of OAuth logout. So I had to provide a trick. The new logout() function looks as: public function logout() { Auth::logout(); $url = sprintf('https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=%s', route('login')…

Keep reading

Monthly Report: March 2018

What I've done this month... My Software Projects GASdotto: management application for ethical purchasing groups many fixes on the repository Spunta: a simple checklists manager many fixes on the repository Free Software Promotion MERGE-it: Italian cross-community meetup coordination of the event Support my activities with PayPal or Patreon!…

Keep reading

Not the Right Scope

My customer uses Google GSuite in his organization (a no-profit one), and wanted to use already existing accounts to login in my application. Quite easy, as Google is already implemented in Laravel Socialite. But default configuration for Google in Socialite includes scopes for Google+ API, to access profile informations, and that's not always the case. At least, it was not the case in my situation: eventually the reference Google Apps organization had no Google+ enabled, so as login with classic @gmail.com accounts worked, the organization's accounts with custom domain…

Keep reading

Key of the Key

Recently I've worked a little with GPG keys in a web application (mostly to digitally sign documents, with PIN-protected keys). Two considerations: OpenPGP.js is really cool and easy to use, get it a look to avoid depending from native PHP extentions I've used this composer installable library, which is unfortunately mostly undocumented An hint for future explorers: to retrieve the key ID of a given public key, use this function (built mining for references in GitHub): /* $pubkey is meant to be the contents of the armored file */ function get_…

Keep reading

import, require and include hate for JS

Preamble: next time I will read words like "easy" or "simple" in a Javascript package manager presentation page, I will look for the maintainer's home address and will dump a full load of shit in front of his door. Recently, I started to adopt Laravel Mix to build assets included in my works. Given that collecting a bunch of JS files into a folder and handling them with Minify is way easier, after a few weeks I still insist in this onanist exercise. Today I've learned a fundamental lesson, to…

Keep reading

Update my Models

Today I've discovered a particular behaviour of Laravel models' events handling: the updating event is not fired if the object's attribute have not been really modified. More specifically, if isDirty() returns FALSE. So, your Model::updating() callback is not really executed for each save() on an existing model, but only when something changed. This is probably desiderable in most cases (no extra events fired when not required), but not always. In my particular situation, this behaviour collided with a Model::saved() callback expecting some job to be always done by…

Keep reading

Monthly Report: February 2018

What I've done this month... My Software Projects GASdotto: management application for ethical purchasing groups many fixes on the repository closed #21, #30, #31 given a lightning talk to FOSDEM 2018 Spunta: a simple checklists manager initial release on the repository Burnia: honeypot-based captcha initial release on the repository public instance, freely accessible My Contents 36 CC-BY photos loaded on my Flickr profile. Support my activities with PayPal or Patreon!…

Keep reading

Monthly Report: January 2018

What I've done this month... My Software Projects GASdotto: management application for ethical purchasing groups many fixes on the repository added support for international localization My Contents 95 CC-BY photos loaded on my Flickr profile.…

Keep reading

Monthly Report: December 2017

What I've done this month... My Software Projects GASdotto: management application for ethical purchasing groups many fixes on the repository postegg: endpoint to POST data from web forms some fix on the repository tiret: a simple S3 frontend some fix on the repository…

Keep reading

Mails into the Web

Requirement: "Given this Mailchimp newsletter, embed the latest issue in that Jekyll static website". Mailchimp offers many APIs, but this approach requires too many complications. Instead my solution relies on RSS: given the RSS feed of your newsletter (you can obtain it with the "RSS" link on the top-right corner while visualizing an issue on the Mailchimp website) you can retrieve the full HTML of the latest campaigns and embed it directly. First problem: Mailchimp doesn't have CORS headers. So you have to use a proxy. Second problem: the HTML…

Keep reading