DEV Community: Christophe El-Khoury

Podcast Listings

Christophe El-Khoury — Sat, 19 Dec 2020 09:49:35 +0000

So I'm looking for your recommendations for podcasts about:

Leadership
Tech Leads
Technology
Startups
Personal Development

I know I could Google it, which I have, but I'd like to know about individuals' opinions rather than simple "Top 10" articles based on one person's opinion.

How to: Google

Christophe El-Khoury — Mon, 07 Dec 2020 08:24:40 +0000

If you don't care about this intro, jump down to the TLDR section.

So I've recently joined this NodeJS Developers Group on Facebook. I expected the group to have relatively advanced topics of discussion. To my surprise, the group was, for the most part, treated as Google.
I innocently wrote a post

criticizing how people are Google-ifying the group. That post, surprisingly, had more interaction than any other post. Many people endorsed the criticism, others criticized it.

Soon after writing the post, I'd realized that even though I should never expect any technical expertise from people I don't know, I should also expect that they know absolutely nothing.

The purpose of my joining the group was to help people, so I'm writing this post to help those who don't know how to put Google to its best use.

TLDR

Basics

To further simplify the guide, let's assume you're a newbie, and you so happen want to start developing using NodeJS.
Whenever you want to start learning anything, you should always read a couple of articles or watch a couple of videos explaining the basics of that technology. I'm not talking about the syntax, nor the capabilities, nor the use cases. Simply understand what the hell that technology is about.

The main thing to understand about Google is, Google is not your teacher. It's a search directory. Though you most probably will get lucky when you ask it about the weather, because that's one of Google's many features, you won't get so lucky if you ask it about a syntax error you've encountered. Asking "How do I catch an error in NodeJS because I keep running into errors" might just not cut it for you.

Google is a directory of data, articles, videos. You need to find these entries based on key-words that Google will use to find them in articles. So the above query would turn into "NodeJS catch errors". Google will take these words and search its whole directory for articles containing these words.

So the first thing you might want to do before starting anything NodeJS-related, Google "NodeJS Introduction"

You're going to have tons of results, but there are some key websites that are credible and concise enough for you to grasp what you need to grasp ASAP.

Node's Website
FreeCodeCamp
w3schools

Once you've understood the technology you're about to start working with, you move to the second thing, starting to learn it. "NodeJS beginner tutorial". Instead of "How do I learn NodeJS".

Soon after you start learning, you will start running into errors, bugs, etc.
You run to Google again.
This time, you have to include more specific words, such as the error code or name you're encountering: "NodeJS syntax error unexpected identifier".

When it comes to code-specific errors, your best bets into finding solutions are

Documentation: official source of the package you're using
StackOverflow
Right here.
Other channels such as Facebook, Telegram, Discord, etc.

Before asking another individual for help, rely on your own debugging skills to figure it out yourself. Software development isn't purely about writing code, it's about solving problems. And you need to learn to solve your own problems and bugs before solving those of others. Give yourself a good 20 minutes of debugging and research. If your error persists, you might need to consider asking a question on StackOverflow.

StackOverflow is one of the major placeholders for Q&A and debugged issues online.
Sometimes, StackOverflow users might take some time to help you out, so you can move to individual questions by then. But keep in mind that whenever you do find the solution to your problem, give back to the community by answering your question on StackOverflow, Facebook, Telegram, etc.

Moral of the story is, the developers' community is going to be your biggest ally. You need to give it as much as it's giving you.

Also, stop undermining yourself. You can definitely figure it out on your own, just be patient.

Advanced

As a software engineer, I know that almost always, a Minimum Viable Product should be released before developing all the way. I'm doing the same with this article. Before jumping into advanced Googling schemes, I need to know your opinions and recommendations. If pushed for it, I'll definitely expand and clean the article.

Brain Freeze

Christophe El-Khoury — Tue, 09 Jun 2020 07:19:03 +0000

Has anyone ever gone full cd ../develop instead of git checkout develop? Or am I the only one getting such brain freezes.

Open Source Support Group

Christophe El-Khoury — Sun, 05 Jan 2020 17:51:13 +0000

Alright I'm going to make this short and sweet.

Mental health is as essential as physical health. Better yet, many articles suggest that your mental health has a direct impact on your physical health (too lazy to find the sources).

Many communities, especially those coming from developing countries, such as mine (Lebanon), don't promote the importance of mental health. Especially for men, where they're not even allowed to shed a tear, otherwise they'd be considered as weak, gay (which is also an insult in my country), etc etc.

I know that on new year's eve, everybody got drunk, was ecstatic, celebrating and whatnot. Then, the next day as the hangover started easing off, they'd start having a different sort of headache, an existential crisis, remembering a breakup, or even simply bothered by how they're being treated at this start up they'd just started working at. That is, if they have a job.

To that reason, I've decided to start a small community. The Open Source Support Group. Aside from the endless groups that already exist for JS, Go, Linux, etc. I'd like this group to have a special type of bond, where we have ups and downs together. We get to know one another and we, unjudgmentally (I don't know if that's even a word), help each other out. Whether it's technical or mental or emotional or you just don't know what kind of whisky to pick at the bar.

Telegram Link: https://t.me/opensourcesupportgroup

If you have any questions or concerns, throw them here.

And in case anyone's having a bad day, here's a pic of my doggo.

Why?

Christophe El-Khoury — Tue, 17 Dec 2019 08:21:02 +0000

Why? @devto Why are your clothes overpriced? I mean. I like this community. I like what it promotes. I like to show it off. But I don't want to pay the equivalent of 27 beers for a hat.

Why?

Javascript Linting / Formatting standards

Christophe El-Khoury — Tue, 24 Sep 2019 07:21:46 +0000

How the heck can I standardize JavaScript across my organization's projects?
Hint: We're using VSCode <3

How do I manage my time?

Christophe El-Khoury — Tue, 06 Aug 2019 07:04:02 +0000

So I've got a girlfriend, 2 groups of friends, my family, my health, my full-time job and a 2-hour daily commute.

Y'all wanna suggest something?

What I learned on my own | Implementing JWT Authentication on SailsJS (v1)

Christophe El-Khoury — Fri, 02 Aug 2019 05:38:22 +0000

What this article will teach you:

How to apply JWT Authentication in your SailsJS v1 backend.

What this article will NOT teach you:

How to create a SailsJS application.
How to understand the mechanisms behind these functions.

The reason why I won't go in-depth with the mechanisms of some functions and how they work in the background is because there's a whole lot of articles and documentations out there, written by people who are much much more qualified than I am.

Who is this article intended for? Anyone who just needs to implement some JWT Authentication into SailsJS because they have a deadline and have no time to do prolonged research.

If you've been developing with Sails, you're going to realize that you won't be able to get all the answers you want, mainly because of Sails' migration from v0 to v1, their not-so-laravelish-documentation and the rather small community accompanying Sails.

Enough with the small talk. Let me have a smoke and I'll come back to the technicalities.

Disclaimer: some of this code is inspired from this repo written by Corey Birnbaum. So props for this guy.

The way this is going to be implemented is as follows, in a general, non-sails-terms sentences:

HTTP Request (requires authentication) hits your backend
The Request is intercepted by middleware
Authentication Valid -- Redirect to controller
Authentication invalid -- 401

Okay great, but how do we implement this in Sails?
For this, I'm going to assume you've already set up your routes and actions.

In simple terms, a middleware in Sails is called a policy. Which means, you're going to assign to a controller/action a set of rules, which basically tells that controller/action "Hey! I know you're expecting this HTTP Request to be redirected to you, but first I need to make a few checks. If these checks pass, I'll send it over. If not, I'm taking that piece of candy away from ya."

Prerequisite: for JWT Authentication here, I'm using a package called jsonwebtoken. Make sure to install it in your project directory.

So start by defining that policy by going to config/policies.js and adding the following line within the module.exports.policies body:

{
   controllerName: {
      'action-name': 'isAuthenticated'
   }
}

That way, you told action-name that isAuthenticated will make a few checks on HTTP Requests directed to you before it decides whether or not the action can act upon that request.

Next up, you'll have to actually write that policy. Sails' CLI provides a command to generate just about anything, including policies. So run the following command in your command line:
sails generate policy isAuthenticated
if all goes well, you will see a isAuthenticated.js file inside api/policies/ directory.

Write the following code inside the isAuthenticated.js policy:

CODE

/**
 * isAuthenticated
 *
 * @module      :: Policy
 * @description :: Simple policy to require an authenticated user, or else redirect to login page
 *                 Looks for an Authorization header bearing a valid JWT token
 * @docs        :: http://sailsjs.org/#!documentation/policies
 *
 */

module.exports = async function (req, res, next) {
    sails.helpers.verifyJwt.with({
        req: req,
        res: res
    })
        .switch({
            error: function (err) {
                return res.serverError(err)
            },
            invalid: function (err) {
                // if this is not an HTML-wanting browser, e.g. AJAX/sockets/cURL/etc.,
                // send a 401 response letting the user agent know they need to login to
                // access this endpoint.
                if (req.wantsJSON) {
                    return res.sendStatus(401)
                }
                // otherwise if this is an HTML-wanting browser, do a redirect.
                return res.redirect('/login')
            },
            success: function () {
                // user has been attached to the req object (ie logged in) so we're set, they may proceed
                return next()
            }
        })
}

EXPLANATION
First off, this policy is getting some help from a helper called verifyJwt, which we'll write in a minute. It's also giving it two parameters. The request req and response res. At first I was confused as to how am I going to pass these parameters to isAuthenticated from my policies.js definition? As it turns out, sails takes care of that automatically, since policies are intended, by nature, to take req and res, and they are only needed for HTTP Requests.

verifyJwt will return either error, or invalid, or success. Each one of these possible returns has its own handling.
If an error is returned, bad news. You've got a problem in your code or in your request.
If an invalid is returned, good news for you. Your code's working, but the request won't be forwarded to your action because the request is not authenticated.
If a success is returned, the user is authenticated, the request is forwarded to your action and everybody's happy.

Now onto the verifyJwt helper function. This is going to be the bulk of your authentication logic.

To do that, we'll have to create a helper
sails generate helper verify-jwt.

inside api/helpers/verify-jwt.js, we will write
CODE

var jwt = require('jsonwebtoken')

module.exports = {
  friendlyName: 'Verify JWT',
  description: 'Verify a JWT token.',
  inputs: {
    req: {
      type: 'ref',
      friendlyName: 'Request',
      description: 'A reference to the request object (req).',
      required: true
    },
    res: {
      type: 'ref',
      friendlyName: 'Response',
      description: 'A reference to the response object (res).',
      required: false
    }
  },
  exits: {
    invalid: {
      description: 'Invalid token or no authentication present.',
    }
  },
  fn: function (inputs, exits) {
    var req = inputs.req
    var res = inputs.res
    if (req.header('authorization')) {
      // if one exists, attempt to get the header data
      var token = req.header('authorization').split('Bearer ')[1]
      // if there's nothing after "Bearer", no go
      if (!token) return exits.invalid()
      // if there is something, attempt to parse it as a JWT token
      return jwt.verify(token, process.env.JWT_KEY, async function (err, payload) {
        if (err || !payload.sub) return exits.invalid()
        var user = await User.findOne(payload.sub)
        if (!user) return exits.invalid()
        // if it got this far, everything checks out, success
        req.user = user
        return exits.success(user)
      })
    }
    return exits.invalid()
  }
}

EXPLANATION

Firstly, the helper is checking for an authorization header inside the request. If it doesn't exist, then the request is unauthenticated and will `return exits.invalid();
If an authorization header does exist, we extract the token, and run jsonwebtoken's verify function. This function will return a payload.
A sub property inside the payload should exist, as per the JWT Anatomy
If it does, it will most likely hold a key identifier for the user (e.g. ID).
Once we have that sub, we need to use it to try to find a user, to whom this JWT belongs.
If this user is found, assign it to your req. The reason why we're doing that is, if, for some reason in our code, we need to verify that a certain operation is being requested by userA, who indeed is authenticated, on some belongings to userB. So even though userA is authenticated, they should not be allowed to perform any actions concerning userB (such as, editing a userB's blog post).

And voilà. You've got authentication up and running.

If you have any questions, feedback, corrections from any misinformation I might have provided (including typos), my direct messages are open for anyone but I strongly urge you to post them in the comments section for everyone to benefit from them.

Happy coding fellas!

NodeJS Frameworks - The Whats and the Whys

Christophe El-Khoury — Mon, 29 Jul 2019 09:54:31 +0000

I've been assigned a task to find the best NodeJS Framework for our API microservice.
The internet is full, overly-saturated if I may, with articles telling you what the top 10 NodeJS frameworks are. Needless to say, I've seen the words Express and Sails in 2 hours more than I've seen my Girlfriend's name IM'ing me in a week.

Every time I read an article it says MVC-framework, FullStack-framework, RESTful-framework and quite frankly I can't figure out what the hell is going on!

So, for the NodeJS gurus out there, can someone please write an article about how to pick the right NodeJS Framework? Depicting what the types of frameworks are, and why we need to use each type?

Thanks.

Framework vs. skeleton. Your move as a #codenewbie

Christophe El-Khoury — Mon, 15 Jul 2019 06:56:28 +0000

I've been reading a lot of articles advising newbies about how to start their dev career. Some articles advise for frameworks such as Angular and React, others advise for going native and learning the language itself (e.g. JavaScrtipt, TypeScript).

What do you experts think?

In my opinion, learning the fundamentals of any language is always preferred over digging right into the framework itself.

Podcasts. How? Why? And When?

Christophe El-Khoury — Wed, 03 Jul 2019 06:50:31 +0000

So my morning routine is all about reading articles while having my cup of coffee before I start coding, and I almost always read the word podcast in arguably every article.

A lot of people listen to podcasts. But I've never known why.

So here's a question for everyone willing to help me out.

Why the heck would I listen to 1-hour-long podcasts? And where would I do that? Is it possible for me to do it while coding? What are they usually about? Seriously. Just, like. Help pls.

A Guide to DevOps

Christophe El-Khoury — Wed, 05 Dec 2018 08:44:40 +0000

The other day I stumbled upon a Post here concerning DevOps, which I've been genuinely interested in for a while. To my amateurism, my curiosity and uncertainty weren't satisfied with the article itself. So I asked a question, the answer to which, didn't satisfy my curiosity and, well, uncertainty.

Luckily, after being stuck in two hours of rain traffic on my way to work, I finished my smoke, got to work and found that one of my co-workers was kind enough to send us a very, beautiful, link.

That's how Christmas came early for me.

I hope it helps you guys!