The latest articles on DEV Community by Vicente G. Reyes (@highcenburg). https://dev.to/highcenburg https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F126345%2F84bad9a2-d302-4943-8934-6c27a497daa1.png https://dev.to/highcenburg en Vicente G. Reyes Sat, 04 Apr 2026 08:08:30 +0000 https://dev.to/highcenburg/i-built-an-enterprise-coffee-dashboard-that-refuses-to-brew-coffee-2gik https://dev.to/highcenburg/i-built-an-enterprise-coffee-dashboard-that-refuses-to-brew-coffee-2gik <p><em>This is a submission for the <a href="https://dev.to/challenges/aprilfools-2026">DEV April Fools Challenge</a></em></p> <h2> What I Built </h2> <p>I built the <strong>Enterprise HTCPCP Interface (HTCPCP_CTRL_NODE_v1.0)</strong>. It is a highly over-engineered, unnecessarily complex, and deeply frustrating dashboard for brewing coffee using the Hyper Text Coffee Pot Control Protocol (RFC 2324).</p> <p>It solves absolutely zero real-world problems and introduces several new ones:</p> <ol> <li> <strong>Cross-Contaminating Sliders:</strong> Trying to set the "Thermal Kinetic Energy" (temperature)? Oops, that just randomly altered your "Extraction Pressure". Adjusting the "Particulate Granularity"? Say goodbye to your "Lactose Aeration Quotient". Getting the perfect brew settings is a Sisyphean task.</li> <li> <strong>Manual Hand-Crank Power Generator:</strong> You can't just click "Brew". You have to rapidly mash a button to charge the system's power capacitor to 100%. If you stop clicking, the power drains back to zero.</li> <li> <strong>Inevitable Failure:</strong> After all that hard work, the system connects to a sentient AI teapot that <em>always</em> rejects your request with a dramatic, dynamically generated HTTP 418 error.</li> </ol> <h2> Demo </h2> <p>You can try to brew some coffee (and inevitably fail) here:<br> <strong><a>Live Demo: Enterprise HTCPCP Interface</a></strong></p> <p><em>(Warning: May cause mild frustration and a sudden craving for tea).</em></p> <h2> Code </h2> <p>The project was built entirely within Google AI Studio. Here is a snippet of the delightfully terrible UX logic where the sliders sabotage each other, and the Gemini AI prompt that generates the 418 excuse:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// The delightfully terrible cross-contaminating sliders</span> <span class="kd">const</span> <span class="nx">handleTempChange</span> <span class="o">=</span> <span class="p">(</span><span class="nx">e</span><span class="p">:</span> <span class="nx">React</span><span class="p">.</span><span class="nx">ChangeEvent</span><span class="o">&lt;</span><span class="nx">HTMLInputElement</span><span class="o">&gt;</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">setTemp</span><span class="p">(</span><span class="nc">Number</span><span class="p">(</span><span class="nx">e</span><span class="p">.</span><span class="nx">target</span><span class="p">.</span><span class="nx">value</span><span class="p">));</span> <span class="k">if </span><span class="p">(</span><span class="nb">Math</span><span class="p">.</span><span class="nf">random</span><span class="p">()</span> <span class="o">&gt;</span> <span class="mf">0.5</span><span class="p">)</span> <span class="nf">setPressure</span><span class="p">(</span><span class="nx">prev</span> <span class="o">=&gt;</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">min</span><span class="p">(</span><span class="mi">20</span><span class="p">,</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">max</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="nx">prev</span> <span class="o">+</span> <span class="p">(</span><span class="nb">Math</span><span class="p">.</span><span class="nf">random</span><span class="p">()</span> <span class="o">&gt;</span> <span class="mf">0.5</span> <span class="p">?</span> <span class="mi">1</span> <span class="p">:</span> <span class="o">-</span><span class="mi">1</span><span class="p">))));</span> <span class="p">};</span> <span class="kd">const</span> <span class="nx">handleGrindChange</span> <span class="o">=</span> <span class="p">(</span><span class="nx">e</span><span class="p">:</span> <span class="nx">React</span><span class="p">.</span><span class="nx">ChangeEvent</span><span class="o">&lt;</span><span class="nx">HTMLInputElement</span><span class="o">&gt;</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">setGrind</span><span class="p">(</span><span class="nc">Number</span><span class="p">(</span><span class="nx">e</span><span class="p">.</span><span class="nx">target</span><span class="p">.</span><span class="nx">value</span><span class="p">));</span> <span class="k">if </span><span class="p">(</span><span class="nb">Math</span><span class="p">.</span><span class="nf">random</span><span class="p">()</span> <span class="o">&gt;</span> <span class="mf">0.5</span><span class="p">)</span> <span class="nf">setAeration</span><span class="p">(</span><span class="nx">prev</span> <span class="o">=&gt;</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">min</span><span class="p">(</span><span class="mi">100</span><span class="p">,</span> <span class="nb">Math</span><span class="p">.</span><span class="nf">max</span><span class="p">(</span><span class="mi">0</span><span class="p">,</span> <span class="nx">prev</span> <span class="o">+</span> <span class="p">(</span><span class="nb">Math</span><span class="p">.</span><span class="nf">random</span><span class="p">()</span> <span class="o">&gt;</span> <span class="mf">0.5</span> <span class="p">?</span> <span class="mi">5</span> <span class="p">:</span> <span class="o">-</span><span class="mi">5</span><span class="p">))));</span> <span class="p">};</span> <span class="c1">// ... (other sliders do the same)</span> <span class="c1">// The AI Sentient Teapot Prompt</span> <span class="kd">const</span> <span class="nx">prompt</span> <span class="o">=</span> <span class="s2">`You are a sentient teapot that has just received a highly complex, over-engineered request to brew coffee via the HTCPCP (Hyper Text Coffee Pot Control Protocol). You must reject this request with a 418 I'm a teapot error. Generate a highly dramatic, passive-aggressive, and overly technical excuse explaining why you cannot brew coffee because you are, in fact, a teapot. Mention Larry Masinter (the creator of the 418 status code) in a reverent or funny way. Keep it under 3 sentences.`</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">ai</span><span class="p">.</span><span class="nx">models</span><span class="p">.</span><span class="nf">generateContent</span><span class="p">({</span> <span class="na">model</span><span class="p">:</span> <span class="dl">'</span><span class="s1">gemini-3-flash-preview</span><span class="dl">'</span><span class="p">,</span> <span class="na">contents</span><span class="p">:</span> <span class="nx">prompt</span><span class="p">,</span> <span class="p">});</span> </code></pre> </div> <h2> How I Built It </h2> <p>I built this using <strong>Google AI Studio's</strong> agentic build environment.</p> <ul> <li> <strong>Frontend:</strong> Next.js App Router, React, and Tailwind CSS for that overly serious, dark-mode "enterprise hacker" aesthetic.</li> <li> <strong>Animations:</strong> motion (Framer Motion) for the dramatic terminal scanlines, the flashing 418 error screen, and the floating tea emoji.</li> <li> <strong>AI Integration:</strong> The @google/genai SDK. I used the gemini-3-flash-preview model to act as the backend "appliance". Instead of actually brewing coffee, it generates a unique, passive-aggressive excuse every single time you hit the brew button.</li> </ul> <h2> Prize Category </h2> <p>I am submitting this for <strong>two</strong> prize categories:</p> <ol> <li> <strong>Best Google AI Usage:</strong> I used Google AI Studio to build the app, and I embedded the Gemini API (gemini-3-flash-preview) directly into the application logic. Instead of using AI to solve a complex problem, I used cutting-edge generative AI to roleplay as a stubborn, sentient teapot that refuses to do its job.</li> <li> <strong>Best Ode to Larry Masinter:</strong> The entire application is a massive, over-engineered tribute to HTCPCP and the 418 status code. Furthermore, the Gemini system prompt explicitly instructs the AI to mention Larry Masinter in a reverent or funny way in every single error message it generates!</li> </ol> devchallenge 418challenge showdev Vicente G. Reyes Fri, 03 Apr 2026 13:26:52 +0000 https://dev.to/highcenburg/the-finedev-site-is-showing-deployment-paused-2k60 https://dev.to/highcenburg/the-finedev-site-is-showing-deployment-paused-2k60 cicd devops news webdev Vicente G. Reyes Fri, 03 Apr 2026 13:11:53 +0000 https://dev.to/highcenburg/should-i-stress-over-a-staging-environment-2chp https://dev.to/highcenburg/should-i-stress-over-a-staging-environment-2chp cicd devops discuss testing Vicente G. Reyes Tue, 31 Mar 2026 11:38:35 +0000 https://dev.to/highcenburg/post-mortem-the-march-2026-axios-supply-chain-attack-352f https://dev.to/highcenburg/post-mortem-the-march-2026-axios-supply-chain-attack-352f <h2> The Incident </h2> <p>On March 31, 2026, a high-profile supply chain attack targeted <strong>Axios</strong>, a critical HTTP client for the JavaScript ecosystem. By hijacking a maintainer's NPM account, attackers injected a malicious dependency, <code>plain-crypto-js</code>, which deployed a cross-platform Remote Access Trojan (RAT).</p> <h2> Incident Summary </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Detail</th> <th>Information</th> </tr> </thead> <tbody> <tr> <td><strong>Affected Versions</strong></td> <td> <code>axios@1.14.1</code>, <code>axios@0.30.4</code> </td> </tr> <tr> <td><strong>Malicious Dependency</strong></td> <td><code>plain-crypto-js@4.2.1</code></td> </tr> <tr> <td><strong>Payload</strong></td> <td>Cross-platform RAT (Linux, macOS, Windows)</td> </tr> <tr> <td><strong>C2 Server</strong></td> <td><code>sfrclak.com:8000</code></td> </tr> <tr> <td><strong>Resolution Window</strong></td> <td>Live for ~3 hours (00:21 – 03:29 UTC)</td> </tr> </tbody> </table></div> <h2> Technical Deep Dive </h2> <p>The attack bypassed standard security audits by hiding the malicious logic within a sub-dependency. Once installed via a standard <code>npm install</code>, the payload scanned the host machine for:</p> <ul> <li> <strong>Environment Variables:</strong> <code>.env</code> files and active shell exports.</li> <li> <strong>Auth Tokens:</strong> <code>~/.npmrc</code> and <code>~/.aws/credentials</code>.</li> <li> <strong>SSH Keys:</strong> Unprotected private keys in <code>~/.ssh</code>.</li> </ul> <p>Data was exfiltrated via <strong>POST requests</strong> to the <code>sfrclak.com</code> Command &amp; Control (C2) server.</p> <h2> Remediation &amp; Verification </h2> <p>To ensure a development environment is sanitized, the following protocol was executed:</p> <ol> <li> <strong>Network Sinkholing:</strong> Manually mapping the C2 domain to <code>127.0.0.1</code> in <code>/etc/hosts</code> to prevent further exfiltration and "kill" the phone-home capability.</li> <li> <p><strong>Lockfile Audit:</strong> Scanning all local projects for traces of the malicious package using a space-safe search:<br> </p> <pre class="highlight shell"><code>find <span class="nb">.</span> <span class="nt">-type</span> f <span class="se">\(</span> <span class="nt">-name</span> <span class="s2">"package-lock.json"</span> <span class="nt">-o</span> <span class="nt">-name</span> <span class="s2">"yarn.lock"</span> <span class="se">\)</span> <span class="nt">-print0</span> | xargs <span class="nt">-0</span> <span class="nb">grep</span> <span class="s2">"plain-crypto-js"</span> </code></pre> </li> <li><p><strong>Environment Sanitization:</strong> Clearing the global NPM cache and updating tool managers (like <code>mise</code>) to ensure only verified versions are used moving forward.</p></li> </ol> <blockquote> <p><strong>Pro-Tip:</strong> Always use <code>npm audit</code> or tools like <strong>Snyk</strong> to monitor your dependency tree for "hidden" sub-dependencies that do not appear directly in your <code>package.json</code>.</p> </blockquote> security javascript webdev node Vicente G. Reyes Thu, 26 Mar 2026 05:34:23 +0000 https://dev.to/highcenburg/claude-code-vs-antigravity-506e https://dev.to/highcenburg/claude-code-vs-antigravity-506e <p>Who you got? Claude or Antigravity? I read Claude is good for the frontend, Antigravity for the backend. Is that true? What are your thoughts?</p> devdiscuss ai Vicente G. Reyes Wed, 25 Mar 2026 12:51:39 +0000 https://dev.to/highcenburg/sorting-hashnode-series-posts-how-to-display-the-latest-post-first-5ek3 https://dev.to/highcenburg/sorting-hashnode-series-posts-how-to-display-the-latest-post-first-5ek3 <p>When you publish a series of articles on your Hashnode blog and consume it via their GraphQL API for a custom portfolio or website, you quickly run into a common roadblock: <strong>Hashnode’s API natively returns series posts in chronological order (oldest first)</strong>.</p> <p>While this makes sense for consecutive tutorials ("Part 1", "Part 2"), it’s significantly less ideal for ongoing series—like my "Learning how to code with AI" series—where readers typically want to see your newest breakthroughs or the latest problem you solved directly at the top of the feed.</p> <p>Unfortunately, looking at the Hashnode GraphQL Schema (<code>Series.posts</code>), there isn't an out-of-the-box <code>sort: RECENT</code> parameter available. Instead, it demands that you sequentially traverse the cursor paginations starting from the oldest post you've written in that series.</p> <p>Here's how I solved this issue on my React/Vite portfolio to seamlessly deliver a newest-first reading experience to my users.</p> <h2> The Problem: Oldest First Pagination </h2> <p>By default, the standard query to fetch series posts looks like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="k">query</span><span class="w"> </span><span class="n">Series</span><span class="p">(</span><span class="nv">$host</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!,</span><span class="w"> </span><span class="nv">$slug</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!,</span><span class="w"> </span><span class="nv">$first</span><span class="p">:</span><span class="w"> </span><span class="nb">Int</span><span class="p">!,</span><span class="w"> </span><span class="nv">$after</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">publication</span><span class="p">(</span><span class="n">host</span><span class="p">:</span><span class="w"> </span><span class="nv">$host</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">series</span><span class="p">(</span><span class="n">slug</span><span class="p">:</span><span class="w"> </span><span class="nv">$slug</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">posts</span><span class="p">(</span><span class="n">first</span><span class="p">:</span><span class="w"> </span><span class="nv">$first</span><span class="p">,</span><span class="w"> </span><span class="n">after</span><span class="p">:</span><span class="w"> </span><span class="nv">$after</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">edges</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">node</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">slug</span><span class="w"> </span><span class="n">title</span><span class="w"> </span><span class="n">publishedAt</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="n">pageInfo</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">endCursor</span><span class="w"> </span><span class="n">hasNextPage</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>This returns standard edge/node responses, but starting with the very first post of the series. To get the newest post to display on page 1 of our UI, we need the <em>end</em> of the dataset instead of the beginning.</p> <h2> The Solution: A Client-Side Cache &amp; Array Reversal </h2> <p>Since Hashnode API's <code>first</code> parameter maxes out at <code>20</code> items per request, we can't simply request <code>first: 1000</code> and reverse it in one go. We need to sequentially buffer the entire series.</p> <p>To keep it blazing fast for users querying consecutive pages, we shouldn't fetch the whole thing from scratch every time they click "Next". Instead, we can introduce a local caching mechanism in our code.</p> <p>We'll parse through all the posts via a <code>while</code> loop on the initial page load, cache the fully assembled series, <code>.reverse()</code> the data natively in JavaScript, and handle React's generic cursor logic over our local cache instead!</p> <h3> Re-writing <code>fetchSeries</code> in TypeScript </h3> <p>Here's my updated <code>lib/hashnode.ts</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">BlogPost</span><span class="p">,</span> <span class="nx">BlogSeries</span><span class="p">,</span> <span class="nx">PageInfo</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">../types</span><span class="dl">'</span><span class="p">;</span> <span class="c1">// Let's declare local caches outside the function</span> <span class="kd">const</span> <span class="nx">seriesMetaCache</span><span class="p">:</span> <span class="nb">Record</span><span class="o">&lt;</span><span class="kr">string</span><span class="p">,</span> <span class="nb">Omit</span><span class="o">&lt;</span><span class="nx">BlogSeries</span><span class="p">,</span> <span class="dl">'</span><span class="s1">posts</span><span class="dl">'</span><span class="o">&gt;&gt;</span> <span class="o">=</span> <span class="p">{};</span> <span class="kd">const</span> <span class="nx">seriesPostsCache</span><span class="p">:</span> <span class="nb">Record</span><span class="o">&lt;</span><span class="kr">string</span><span class="p">,</span> <span class="nx">BlogPost</span><span class="p">[]</span><span class="o">&gt;</span> <span class="o">=</span> <span class="p">{};</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">fetchSeries</span><span class="p">(</span> <span class="nx">slug</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">first</span> <span class="o">=</span> <span class="mi">9</span><span class="p">,</span> <span class="nx">after</span><span class="p">?:</span> <span class="kr">string</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="p">{</span> <span class="na">series</span><span class="p">:</span> <span class="nx">BlogSeries</span> <span class="o">&amp;</span> <span class="p">{</span> <span class="nx">posts</span><span class="p">?:</span> <span class="p">{</span> <span class="na">edges</span><span class="p">:</span> <span class="p">{</span> <span class="na">node</span><span class="p">:</span> <span class="nx">BlogPost</span> <span class="p">}[];</span> <span class="nl">pageInfo</span><span class="p">:</span> <span class="nx">PageInfo</span> <span class="p">}</span> <span class="p">};</span> <span class="p">}</span> <span class="o">|</span> <span class="kc">null</span><span class="o">&gt;</span> <span class="p">{</span> <span class="c1">// 1. If no 'after' is provided, we must be loading the series for the first time.</span> <span class="c1">// We'll hit the Hashnode API repeatedly until we traverse all oldest-first pages.</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">after</span> <span class="o">||</span> <span class="o">!</span><span class="nx">seriesPostsCache</span><span class="p">[</span><span class="nx">slug</span><span class="p">])</span> <span class="p">{</span> <span class="kd">let</span> <span class="na">allPosts</span><span class="p">:</span> <span class="nx">BlogPost</span><span class="p">[]</span> <span class="o">=</span> <span class="p">[];</span> <span class="kd">let</span> <span class="nx">hasNextPage</span> <span class="o">=</span> <span class="kc">true</span><span class="p">;</span> <span class="kd">let</span> <span class="na">endCursor</span><span class="p">:</span> <span class="kr">string</span> <span class="o">|</span> <span class="kc">undefined</span> <span class="o">=</span> <span class="kc">undefined</span><span class="p">;</span> <span class="kd">let</span> <span class="na">seriesMeta</span><span class="p">:</span> <span class="nb">Omit</span><span class="o">&lt;</span><span class="nx">BlogSeries</span><span class="p">,</span> <span class="dl">'</span><span class="s1">posts</span><span class="dl">'</span><span class="o">&gt;</span> <span class="o">|</span> <span class="kc">null</span> <span class="o">=</span> <span class="kc">null</span><span class="p">;</span> <span class="k">while </span><span class="p">(</span><span class="nx">hasNextPage</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="na">data</span><span class="p">:</span> <span class="kr">any</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">gqlFetch</span><span class="p">(</span><span class="nx">SERIES_QUERY</span><span class="p">,</span> <span class="p">{</span> <span class="na">host</span><span class="p">:</span> <span class="nx">PUBLICATION_HOST</span><span class="p">,</span> <span class="nx">slug</span><span class="p">,</span> <span class="na">first</span><span class="p">:</span> <span class="mi">20</span><span class="p">,</span> <span class="na">after</span><span class="p">:</span> <span class="nx">endCursor</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">publishedSeries</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">publication</span><span class="p">.</span><span class="nx">series</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">publishedSeries</span><span class="p">)</span> <span class="k">return</span> <span class="kc">null</span><span class="p">;</span> <span class="c1">// Persist metadata on the first run</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">seriesMeta</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">posts</span><span class="p">,</span> <span class="p">...</span><span class="nx">metaRest</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">publishedSeries</span><span class="p">;</span> <span class="nx">seriesMeta</span> <span class="o">=</span> <span class="nx">metaRest</span><span class="p">;</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">posts</span> <span class="o">=</span> <span class="nx">publishedSeries</span><span class="p">.</span><span class="nx">posts</span><span class="p">;</span> <span class="nx">allPosts</span> <span class="o">=</span> <span class="nx">allPosts</span><span class="p">.</span><span class="nf">concat</span><span class="p">(</span><span class="nx">posts</span><span class="p">.</span><span class="nx">edges</span><span class="p">.</span><span class="nf">map</span><span class="p">((</span><span class="na">e</span><span class="p">:</span> <span class="kr">any</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">e</span><span class="p">.</span><span class="nx">node</span><span class="p">));</span> <span class="nx">hasNextPage</span> <span class="o">=</span> <span class="nx">posts</span><span class="p">.</span><span class="nx">pageInfo</span><span class="p">.</span><span class="nx">hasNextPage</span><span class="p">;</span> <span class="nx">endCursor</span> <span class="o">=</span> <span class="nx">posts</span><span class="p">.</span><span class="nx">pageInfo</span><span class="p">.</span><span class="nx">endCursor</span><span class="p">;</span> <span class="p">}</span> <span class="c1">// 2. Here's the magic trick. Reverse the array so Newest is First.</span> <span class="nx">seriesPostsCache</span><span class="p">[</span><span class="nx">slug</span><span class="p">]</span> <span class="o">=</span> <span class="nx">allPosts</span><span class="p">.</span><span class="nf">reverse</span><span class="p">();</span> <span class="k">if </span><span class="p">(</span><span class="nx">seriesMeta</span><span class="p">)</span> <span class="p">{</span> <span class="nx">seriesMetaCache</span><span class="p">[</span><span class="nx">slug</span><span class="p">]</span> <span class="o">=</span> <span class="nx">seriesMeta</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">// 3. Grab from cache</span> <span class="kd">const</span> <span class="nx">allPosts</span> <span class="o">=</span> <span class="nx">seriesPostsCache</span><span class="p">[</span><span class="nx">slug</span><span class="p">];</span> <span class="kd">const</span> <span class="nx">seriesMeta</span> <span class="o">=</span> <span class="nx">seriesMetaCache</span><span class="p">[</span><span class="nx">slug</span><span class="p">];</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">seriesMeta</span><span class="p">)</span> <span class="k">return</span> <span class="kc">null</span><span class="p">;</span> <span class="c1">// 4. Implement local slicing based on the provided cursors</span> <span class="kd">const</span> <span class="nx">startIndex</span> <span class="o">=</span> <span class="nx">after</span> <span class="p">?</span> <span class="nx">allPosts</span><span class="p">.</span><span class="nf">findIndex</span><span class="p">(</span><span class="nx">p</span> <span class="o">=&gt;</span> <span class="nx">p</span><span class="p">.</span><span class="nx">slug</span> <span class="o">===</span> <span class="nx">after</span><span class="p">)</span> <span class="o">+</span> <span class="mi">1</span> <span class="p">:</span> <span class="mi">0</span><span class="p">;</span> <span class="c1">// Safety net in case of invalid cursor</span> <span class="kd">const</span> <span class="nx">validStartIndex</span> <span class="o">=</span> <span class="nx">startIndex</span> <span class="o">&gt;</span> <span class="mi">0</span> <span class="p">?</span> <span class="nx">startIndex</span> <span class="p">:</span> <span class="p">(</span><span class="nx">after</span> <span class="p">?</span> <span class="nx">allPosts</span><span class="p">.</span><span class="nx">length</span> <span class="p">:</span> <span class="mi">0</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">slice</span> <span class="o">=</span> <span class="nx">allPosts</span><span class="p">.</span><span class="nf">slice</span><span class="p">(</span><span class="nx">validStartIndex</span><span class="p">,</span> <span class="nx">validStartIndex</span> <span class="o">+</span> <span class="nx">first</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">nextHasNextPage</span> <span class="o">=</span> <span class="nx">validStartIndex</span> <span class="o">+</span> <span class="nx">first</span> <span class="o">&lt;</span> <span class="nx">allPosts</span><span class="p">.</span><span class="nx">length</span><span class="p">;</span> <span class="c1">// Set the newest 'endCursor' for the client to use on consecutive requests</span> <span class="kd">const</span> <span class="nx">newEndCursor</span> <span class="o">=</span> <span class="nx">slice</span><span class="p">.</span><span class="nx">length</span> <span class="o">&gt;</span> <span class="mi">0</span> <span class="p">?</span> <span class="nx">slice</span><span class="p">[</span><span class="nx">slice</span><span class="p">.</span><span class="nx">length</span> <span class="o">-</span> <span class="mi">1</span><span class="p">].</span><span class="nx">slug</span> <span class="p">:</span> <span class="kc">null</span><span class="p">;</span> <span class="c1">// 5. Structure exactly how the calling React component expects</span> <span class="k">return</span> <span class="p">{</span> <span class="na">series</span><span class="p">:</span> <span class="p">{</span> <span class="p">...</span><span class="nx">seriesMeta</span><span class="p">,</span> <span class="na">posts</span><span class="p">:</span> <span class="p">{</span> <span class="na">edges</span><span class="p">:</span> <span class="nx">slice</span><span class="p">.</span><span class="nf">map</span><span class="p">(</span><span class="nx">node</span> <span class="o">=&gt;</span> <span class="p">({</span> <span class="nx">node</span> <span class="p">})),</span> <span class="na">pageInfo</span><span class="p">:</span> <span class="p">{</span> <span class="na">endCursor</span><span class="p">:</span> <span class="nx">newEndCursor</span> <span class="o">||</span> <span class="dl">''</span><span class="p">,</span> <span class="na">hasNextPage</span><span class="p">:</span> <span class="nx">nextHasNextPage</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="k">as</span> <span class="kr">any</span> <span class="p">};</span> <span class="p">}</span> </code></pre> </div> <h2> Why this approach is awesome: </h2> <ol> <li> <strong>Zero UI Adjustments</strong>: The React component responsible for consuming the posts (<code>SeriesPage.tsx</code>) doesn’t even know this under-the-hood wizardry is occurring. It passes <code>first</code> and <code>after</code> standardly and receives seamless newest-first data.</li> <li> <strong>Instant "Load More"</strong>: Once the initial batch is traversed during <code>while(hasNextPage)</code>, it acts exactly like an instant static array. Any subsequent "Load More" clicks don't hit the standard network stack; they instantly slice through <code>seriesPostsCache</code> in micro-seconds!</li> <li> <strong>Overcoming GraphQL Limitations</strong>: Sometimes headless CMS or GraphQL servers (like Hashnode's otherwise fantastic API) restrict complex filtering or sorting on nested nodes purely for their own database performance. When you abstract that layer on your backend caching structure, you win full control back.</li> </ol> <p>Now, whenever users visit the series pages in my portfolio, the most recently solved programming challenges are rightfully spotlighted at the very top. What's not to love about building digital experiences that slap?</p> typescript graphql api Vicente G. Reyes Tue, 17 Mar 2026 10:47:36 +0000 https://dev.to/highcenburg/building-a-seamless-jwt-onboarding-flow-with-react-router-v7-and-django-6bc https://dev.to/highcenburg/building-a-seamless-jwt-onboarding-flow-with-react-router-v7-and-django-6bc <p>Authentication and onboarding are often the highest-friction points in a new user's journey. If the process is clunky or requires too many redirects, users drop off. Recently, I set out to build a streamlined <strong>JWT authentication and onboarding flow</strong> using a modern stack: <strong>React Router v7 (with Vite), TypeScript, and Django REST Framework (DRF)</strong>.</p> <p>In this article, I'll walk through the architecture, the backend implementation, and how to handle protected routes securely on the client side.</p> <h2> The Architecture Stack </h2> <p>Here is what we are working with:</p> <ul> <li> <strong>Backend:</strong> Django, Django REST Framework (DRF), and <code>djangorestframework-simplejwt</code>.</li> <li> <strong>Frontend:</strong> React (via Vite) and the newly released React Router v7.</li> <li> <strong>Styling:</strong> Tailwind CSS.</li> <li> <strong>State Management:</strong> React Context API for lightweight auth state handling.</li> </ul> <h3> The Goal </h3> <ol> <li> A user registers.</li> <li> The user logs in. They receive a short-lived access token and a refresh token.</li> <li> The backend knows if the user has completed their profile setup (<code>is_onboarded</code>).</li> <li> If they haven't onboarded, the backend middleware blocks API requests, and the frontend automatically reroutes them to the <code>/onboarding</code> page.</li> <li> Once onboarded, new tokens are issued with the updated status, and the user gains full access to the application <code>/</code>.</li> </ol> <h2> 1. Setting up the Django Backend </h2> <h3> The Custom User Model </h3> <p>First, we need to track whether a user has finished setting up their profile. We extend Django's <code>AbstractUser</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># users/models.py </span><span class="kn">from</span> <span class="n">django.contrib.auth.models</span> <span class="kn">import</span> <span class="n">AbstractUser</span> <span class="kn">from</span> <span class="n">django.db</span> <span class="kn">import</span> <span class="n">models</span> <span class="k">class</span> <span class="nc">User</span><span class="p">(</span><span class="n">AbstractUser</span><span class="p">):</span> <span class="n">is_onboarded</span> <span class="o">=</span> <span class="n">models</span><span class="p">.</span><span class="nc">BooleanField</span><span class="p">(</span><span class="n">default</span><span class="o">=</span><span class="bp">False</span><span class="p">)</span> </code></pre> </div> <h3> Customizing the JWT Payload </h3> <p>By default, SimpleJWT only includes the <code>user_id</code> inside the token. We want the frontend to immediately know the user's name and onboarding status without making an extra API call.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># users/serializers.py </span><span class="kn">from</span> <span class="n">rest_framework_simplejwt.serializers</span> <span class="kn">import</span> <span class="n">TokenObtainPairSerializer</span> <span class="k">class</span> <span class="nc">MyTokenObtainPairSerializer</span><span class="p">(</span><span class="n">TokenObtainPairSerializer</span><span class="p">):</span> <span class="nd">@classmethod</span> <span class="k">def</span> <span class="nf">get_token</span><span class="p">(</span><span class="n">cls</span><span class="p">,</span> <span class="n">user</span><span class="p">):</span> <span class="n">token</span> <span class="o">=</span> <span class="nf">super</span><span class="p">().</span><span class="nf">get_token</span><span class="p">(</span><span class="n">user</span><span class="p">)</span> <span class="c1"># Inject custom claims into the JWT payload </span> <span class="n">token</span><span class="p">[</span><span class="sh">'</span><span class="s">is_onboarded</span><span class="sh">'</span><span class="p">]</span> <span class="o">=</span> <span class="n">user</span><span class="p">.</span><span class="n">is_onboarded</span> <span class="n">token</span><span class="p">[</span><span class="sh">'</span><span class="s">username</span><span class="sh">'</span><span class="p">]</span> <span class="o">=</span> <span class="n">user</span><span class="p">.</span><span class="n">username</span> <span class="k">return</span> <span class="n">token</span> </code></pre> </div> <h3> Enforcing Onboarding with Middleware </h3> <p>We want to strictly prevent un-onboarded users from accessing core application data. We do this via a custom Django middleware that intercepts requests.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># users/middleware.py </span><span class="kn">from</span> <span class="n">django.http</span> <span class="kn">import</span> <span class="n">JsonResponse</span> <span class="kn">from</span> <span class="n">django.urls</span> <span class="kn">import</span> <span class="n">reverse</span> <span class="k">class</span> <span class="nc">OnboardingMiddleware</span><span class="p">:</span> <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="n">get_response</span><span class="p">):</span> <span class="n">self</span><span class="p">.</span><span class="n">get_response</span> <span class="o">=</span> <span class="n">get_response</span> <span class="k">def</span> <span class="nf">__call__</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="n">request</span><span class="p">):</span> <span class="c1"># Exempt authentication and onboarding endpoints </span> <span class="n">exempt_urls</span> <span class="o">=</span> <span class="p">[</span><span class="nf">reverse</span><span class="p">(</span><span class="sh">'</span><span class="s">token_obtain_pair</span><span class="sh">'</span><span class="p">),</span> <span class="sh">'</span><span class="s">/api/onboard/submit/</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">/api/register/</span><span class="sh">'</span><span class="p">]</span> <span class="k">if</span> <span class="n">request</span><span class="p">.</span><span class="n">path</span> <span class="ow">in</span> <span class="n">exempt_urls</span> <span class="ow">or</span> <span class="n">request</span><span class="p">.</span><span class="n">path</span><span class="p">.</span><span class="nf">startswith</span><span class="p">(</span><span class="sh">'</span><span class="s">/admin/</span><span class="sh">'</span><span class="p">):</span> <span class="k">return</span> <span class="n">self</span><span class="p">.</span><span class="nf">get_response</span><span class="p">(</span><span class="n">request</span><span class="p">)</span> <span class="n">user</span> <span class="o">=</span> <span class="n">request</span><span class="p">.</span><span class="n">user</span> <span class="c1"># Block access if authenticated but not onboarded </span> <span class="k">if</span> <span class="n">user</span><span class="p">.</span><span class="n">is_authenticated</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">user</span><span class="p">.</span><span class="n">is_onboarded</span><span class="p">:</span> <span class="k">return</span> <span class="nc">JsonResponse</span><span class="p">({</span> <span class="sh">"</span><span class="s">error</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">ONBOARDING_REQUIRED</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">message</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Please complete onboarding before accessing this resource.</span><span class="sh">"</span> <span class="p">},</span> <span class="n">status</span><span class="o">=</span><span class="mi">403</span><span class="p">)</span> <span class="k">return</span> <span class="n">self</span><span class="p">.</span><span class="nf">get_response</span><span class="p">(</span><span class="n">request</span><span class="p">)</span> </code></pre> </div> <p>Now, even if a user tries to bypass the frontend routing, the API will refuse to serve them data!</p> <h3> Refreshing Tokens upon Onboarding </h3> <p>When the user submits the onboarding form, their status changes in the database. However, their physical JWT won't update automatically. We handle this by issuing completely new tokens in the onboarding response:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># users/views.py </span><span class="kn">from</span> <span class="n">rest_framework.views</span> <span class="kn">import</span> <span class="n">APIView</span> <span class="kn">from</span> <span class="n">rest_framework.response</span> <span class="kn">import</span> <span class="n">Response</span> <span class="kn">from</span> <span class="n">rest_framework</span> <span class="kn">import</span> <span class="n">status</span><span class="p">,</span> <span class="n">permissions</span> <span class="k">class</span> <span class="nc">OnboardSubmitView</span><span class="p">(</span><span class="n">APIView</span><span class="p">):</span> <span class="n">permission_classes</span> <span class="o">=</span> <span class="p">(</span><span class="n">permissions</span><span class="p">.</span><span class="n">IsAuthenticated</span><span class="p">,)</span> <span class="k">def</span> <span class="nf">post</span><span class="p">(</span><span class="n">self</span><span class="p">,</span> <span class="n">request</span><span class="p">):</span> <span class="n">user</span> <span class="o">=</span> <span class="n">request</span><span class="p">.</span><span class="n">user</span> <span class="k">if</span> <span class="n">user</span><span class="p">.</span><span class="n">is_onboarded</span><span class="p">:</span> <span class="k">return</span> <span class="nc">Response</span><span class="p">({</span><span class="sh">"</span><span class="s">detail</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Already onboarded.</span><span class="sh">"</span><span class="p">},</span> <span class="n">status</span><span class="o">=</span><span class="mi">400</span><span class="p">)</span> <span class="n">user</span><span class="p">.</span><span class="n">is_onboarded</span> <span class="o">=</span> <span class="bp">True</span> <span class="n">user</span><span class="p">.</span><span class="nf">save</span><span class="p">()</span> <span class="c1"># Generate fresh tokens reflecting the new state </span> <span class="n">refresh</span> <span class="o">=</span> <span class="n">MyTokenObtainPairSerializer</span><span class="p">.</span><span class="nf">get_token</span><span class="p">(</span><span class="n">user</span><span class="p">)</span> <span class="k">return</span> <span class="nc">Response</span><span class="p">({</span> <span class="sh">"</span><span class="s">detail</span><span class="sh">"</span><span class="p">:</span> <span class="sh">"</span><span class="s">Onboarding complete.</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">is_onboarded</span><span class="sh">"</span><span class="p">:</span> <span class="bp">True</span><span class="p">,</span> <span class="sh">"</span><span class="s">access</span><span class="sh">"</span><span class="p">:</span> <span class="nf">str</span><span class="p">(</span><span class="n">refresh</span><span class="p">.</span><span class="n">access_token</span><span class="p">),</span> <span class="sh">"</span><span class="s">refresh</span><span class="sh">"</span><span class="p">:</span> <span class="nf">str</span><span class="p">(</span><span class="n">refresh</span><span class="p">)</span> <span class="p">},</span> <span class="n">status</span><span class="o">=</span><span class="n">status</span><span class="p">.</span><span class="n">HTTP_200_OK</span><span class="p">)</span> </code></pre> </div> <h2> 2. Setting up the React Frontend </h2> <p>We spun up the frontend using React Router v7's built-in Vite template.</p> <h3> Bypassing CORS locally </h3> <p>To avoid CORS issues during development, we configured Vite to proxy <code>/api</code> requests to our Django dev server:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// vite.config.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">defineConfig</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">vite</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="k">default</span> <span class="nf">defineConfig</span><span class="p">({</span> <span class="c1">// plugins...</span> <span class="na">server</span><span class="p">:</span> <span class="p">{</span> <span class="na">proxy</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">/api</span><span class="dl">'</span><span class="p">:</span> <span class="p">{</span> <span class="na">target</span><span class="p">:</span> <span class="dl">'</span><span class="s1">http://localhost:8000</span><span class="dl">'</span><span class="p">,</span> <span class="na">changeOrigin</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">});</span> </code></pre> </div> <h3> Global Authentication Context </h3> <p>We use React Context to provide user data (<code>token</code>, <code>user</code> payload, <code>login</code>, <code>logout</code>) globally. </p> <p>A critical detail: <strong>Server-Side Rendering (SSR)</strong>. React Router v7 utilizes SSR by default when hydrating the app. If you try to read <code>localStorage.getItem('access_token')</code> immediately on the server, Node.js will crash with a <code>ReferenceError: localStorage is not defined</code>. </p> <p>We fix this by waiting for hydration on the client using a simple <code>useEffect</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// app/contexts/AuthContext.tsx</span> <span class="k">import</span> <span class="nx">React</span><span class="p">,</span> <span class="p">{</span> <span class="nx">createContext</span><span class="p">,</span> <span class="nx">useContext</span><span class="p">,</span> <span class="nx">useEffect</span><span class="p">,</span> <span class="nx">useState</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">react</span><span class="dl">'</span><span class="p">;</span> <span class="c1">// ... interfaces and parseJwt helper ...</span> <span class="k">export</span> <span class="kd">function</span> <span class="nf">AuthProvider</span><span class="p">({</span> <span class="nx">children</span> <span class="p">}:</span> <span class="p">{</span> <span class="nl">children</span><span class="p">:</span> <span class="nx">React</span><span class="p">.</span><span class="nx">ReactNode</span> <span class="p">})</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">token</span><span class="p">,</span> <span class="nx">setToken</span><span class="p">]</span> <span class="o">=</span> <span class="nx">useState</span><span class="o">&lt;</span><span class="kr">string</span> <span class="o">|</span> <span class="kc">null</span><span class="o">&gt;</span><span class="p">(</span><span class="kc">null</span><span class="p">);</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">isClient</span><span class="p">,</span> <span class="nx">setIsClient</span><span class="p">]</span> <span class="o">=</span> <span class="nf">useState</span><span class="p">(</span><span class="kc">false</span><span class="p">);</span> <span class="c1">// Safe SSR hydration</span> <span class="nf">useEffect</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">setIsClient</span><span class="p">(</span><span class="kc">true</span><span class="p">);</span> <span class="nf">setToken</span><span class="p">(</span><span class="k">typeof</span> <span class="nb">window</span> <span class="o">!==</span> <span class="dl">"</span><span class="s2">undefined</span><span class="dl">"</span> <span class="p">?</span> <span class="nx">localStorage</span><span class="p">.</span><span class="nf">getItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">access_token</span><span class="dl">'</span><span class="p">)</span> <span class="p">:</span> <span class="kc">null</span><span class="p">);</span> <span class="p">},</span> <span class="p">[]);</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="nx">token</span> <span class="p">?</span> <span class="nf">parseJwt</span><span class="p">(</span><span class="nx">token</span><span class="p">)</span> <span class="k">as</span> <span class="nx">UserPayload</span> <span class="p">:</span> <span class="kc">null</span><span class="p">;</span> <span class="nf">useEffect</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">token</span><span class="p">)</span> <span class="nx">localStorage</span><span class="p">.</span><span class="nf">setItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">access_token</span><span class="dl">'</span><span class="p">,</span> <span class="nx">token</span><span class="p">);</span> <span class="k">else</span> <span class="nx">localStorage</span><span class="p">.</span><span class="nf">removeItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">access_token</span><span class="dl">'</span><span class="p">);</span> <span class="p">},</span> <span class="p">[</span><span class="nx">token</span><span class="p">]);</span> <span class="kd">const</span> <span class="nx">login</span> <span class="o">=</span> <span class="p">(</span><span class="nx">access</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">refresh</span><span class="p">:</span> <span class="kr">string</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">localStorage</span><span class="p">.</span><span class="nf">setItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">refresh_token</span><span class="dl">'</span><span class="p">,</span> <span class="nx">refresh</span><span class="p">);</span> <span class="nf">setToken</span><span class="p">(</span><span class="nx">access</span><span class="p">);</span> <span class="p">};</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">isClient</span><span class="p">)</span> <span class="k">return</span> <span class="kc">null</span><span class="p">;</span> <span class="c1">// Prevent hydration mismatch</span> <span class="k">return </span><span class="p">(</span> <span class="o">&lt;</span><span class="nx">AuthContext</span><span class="p">.</span><span class="nx">Provider</span> <span class="nx">value</span><span class="o">=</span><span class="p">{{</span> <span class="nx">token</span><span class="p">,</span> <span class="nx">user</span><span class="p">,</span> <span class="nx">login</span><span class="p">,</span> <span class="nx">logout</span><span class="p">,</span> <span class="nx">refreshAccessToken</span> <span class="p">}}</span><span class="o">&gt;</span> <span class="p">{</span><span class="nx">children</span><span class="p">}</span> <span class="o">&lt;</span><span class="sr">/AuthContext.Provider</span><span class="err">&gt; </span> <span class="p">);</span> <span class="p">}</span> </code></pre> </div> <h3> Route Protection and Redirection </h3> <p>With our context in place, protecting routes and enforcing onboarding becomes incredibly simple. We intercept users in a <code>useEffect</code> on our page components. </p> <p>Here is what our protected <strong>Home Dashboard</strong> looks like:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// app/routes/home.tsx</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">useEffect</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">react</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">useNavigate</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">react-router</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">useAuth</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../contexts/AuthContext</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="k">default</span> <span class="kd">function</span> <span class="nf">Home</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">token</span><span class="p">,</span> <span class="nx">user</span><span class="p">,</span> <span class="nx">logout</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">useAuth</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">navigate</span> <span class="o">=</span> <span class="nf">useNavigate</span><span class="p">();</span> <span class="nf">useEffect</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">token</span><span class="p">)</span> <span class="p">{</span> <span class="nf">navigate</span><span class="p">(</span><span class="dl">"</span><span class="s2">/login</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// Kick out unauthenticated users</span> <span class="p">}</span> <span class="k">else</span> <span class="k">if </span><span class="p">(</span><span class="nx">user</span> <span class="o">&amp;&amp;</span> <span class="o">!</span><span class="nx">user</span><span class="p">.</span><span class="nx">is_onboarded</span><span class="p">)</span> <span class="p">{</span> <span class="nf">navigate</span><span class="p">(</span><span class="dl">"</span><span class="s2">/onboarding</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// Kick out un-onboarded users</span> <span class="p">}</span> <span class="p">},</span> <span class="p">[</span><span class="nx">token</span><span class="p">,</span> <span class="nx">user</span><span class="p">,</span> <span class="nx">navigate</span><span class="p">]);</span> <span class="c1">// Don't render until verified to prevent brief flashes of content</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">user</span> <span class="o">||</span> <span class="o">!</span><span class="nx">user</span><span class="p">.</span><span class="nx">is_onboarded</span><span class="p">)</span> <span class="k">return</span> <span class="kc">null</span><span class="p">;</span> <span class="k">return </span><span class="p">(</span> <span class="o">&lt;</span><span class="nx">div</span><span class="o">&gt;</span> <span class="o">&lt;</span><span class="nx">h1</span><span class="o">&gt;</span><span class="nx">Welcome</span> <span class="nx">to</span> <span class="nx">your</span> <span class="nx">portal</span><span class="p">,</span> <span class="p">{</span><span class="nx">user</span><span class="p">.</span><span class="nx">username</span><span class="p">}</span><span class="o">!&lt;</span><span class="sr">/h1</span><span class="err">&gt; </span> <span class="o">&lt;</span><span class="sr">/div</span><span class="err">&gt; </span> <span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>When the user is pushed to <code>/onboarding</code>, they hit our submit button. The API returns the <em>new</em> tokens, we update the context, and React Router instantly pushes them back to <code>/</code> seamlessly!<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Inside Onboarding component submit handler</span> <span class="kd">const</span> <span class="nx">handleComplete</span> <span class="o">=</span> <span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">res</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">"</span><span class="s2">/api/onboard/submit/</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">"</span><span class="s2">POST</span><span class="dl">"</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">"</span><span class="s2">Authorization</span><span class="dl">"</span><span class="p">:</span> <span class="s2">`Bearer </span><span class="p">${</span><span class="nx">token</span><span class="p">}</span><span class="s2">`</span> <span class="p">}</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">res</span><span class="p">.</span><span class="nx">ok</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">();</span> <span class="nf">login</span><span class="p">(</span><span class="nx">data</span><span class="p">.</span><span class="nx">access</span><span class="p">,</span> <span class="nx">data</span><span class="p">.</span><span class="nx">refresh</span><span class="p">);</span> <span class="c1">// Instantly updates global context</span> <span class="nf">navigate</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// Redirect to dashboard</span> <span class="p">}</span> <span class="p">};</span> </code></pre> </div> <h2> Conclusion </h2> <p>By embedding the <code>is_onboarded</code> claim directly inside the JWT, we eliminate the need for the frontend to constantly ping the database to check a user's status. Coupling this tightly with Django Middleware ensures backend security, while utilizing React Context provides snappy, seamless redirects on the frontend.</p> <p>Building auth doesn't have to be painful—with the right architecture, it can be safe, scalable, and a great experience for the end user.</p> python django react javascript Vicente G. Reyes Mon, 16 Mar 2026 03:42:27 +0000 https://dev.to/highcenburg/why-i-built-my-own-unlimited-audio-video-transcriber-23i9 https://dev.to/highcenburg/why-i-built-my-own-unlimited-audio-video-transcriber-23i9 <p>We've all been there. You have a massive audio file—a two-hour interview, a long lecture, or a recorded meeting—and you just need it converted to text.</p> <p>You do a quick search for "free audio to text transcriber" and find dozens of online tools. But there's a catch. Once you upload your file, you're hit with a paywall: <em>"File size exceeds limit"</em> or <em>"Upgrade to pro to transcribe more than 60 minutes."</em></p> <p>I recently ran into this exact problem. I needed a reliable video and audio transcriber that didn't complain when I threw a massive, multi-hour file at it. After hitting limits on almost every online service, I realized the best solution wasn't to pay for a subscription I'd rarely use—it was to build it myself.</p> <p>Here is how I built my own unlimited, completely free, and private transcriber using Python, OpenAI's Whisper, and Streamlit, accelerated by NVIDIA's CUDA.</p> <h2> The Tech Stack </h2> <p>I wanted the tool to be simple to use, run locally (so my data stays private), and handle both audio and video files flawlessly. Looking at my <code>requirements.txt</code>, here are the core tools making it possible:</p> <ol> <li> <strong>Python:</strong> The backbone of the project.</li> <li> <strong>Streamlit (v1.55):</strong> A fantastic library that turns Python scripts into interactive web apps in minutes. No HTML/CSS needed.</li> <li> <strong>OpenAI's Whisper:</strong> An incredibly powerful and accurate open-source speech recognition model that runs locally.</li> <li> <strong>PyTorch &amp; NVIDIA CUDA (cu12):</strong> To make the transcription lightning-fast, I included <code>torch</code> along with NVIDIA dependencies like <code>nvidia-cudnn-cu12</code> and <code>nvidia-cublas-cu12</code>. This allows Whisper to harness GPU acceleration, slashing transcription times down from hours to mere minutes.</li> <li> <strong>MoviePy (v2.2):</strong> To handle video files seamlessly by extracting the audio tracks before passing them to Whisper.</li> <li> <strong>python-docx &amp; fpdf2:</strong> To allow exporting the final transcriptions into easily shareable Word documents and PDFs.</li> </ol> <h2> How It Works </h2> <p>The magic of the application lies in its simplicity. Here is the life cycle of a transcription task in the app:</p> <h3> 1. Handling the Uploads </h3> <p>Using Streamlit's <code>file_uploader</code>, I built a quick UI that accepts various formats. Streamlit makes this incredibly easy with surprisingly few lines of code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="n">st</span><span class="p">.</span><span class="nf">title</span><span class="p">(</span><span class="sh">"</span><span class="s">🎙️ Audio &amp; Video Transcriber</span><span class="sh">"</span><span class="p">)</span> <span class="n">st</span><span class="p">.</span><span class="nf">write</span><span class="p">(</span><span class="sh">"</span><span class="s">Upload a file to convert speech to text.</span><span class="sh">"</span><span class="p">)</span> <span class="n">uploaded_file</span> <span class="o">=</span> <span class="n">st</span><span class="p">.</span><span class="nf">file_uploader</span><span class="p">(</span> <span class="sh">"</span><span class="s">Choose a file</span><span class="sh">"</span><span class="p">,</span> <span class="nb">type</span><span class="o">=</span><span class="p">[</span><span class="sh">"</span><span class="s">mp3</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">wav</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">m4a</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">mp4</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">mov</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">avi</span><span class="sh">"</span><span class="p">]</span> <span class="p">)</span> </code></pre> </div> <h3> 2. Extracting Audio from Video </h3> <p>Whisper transcribes audio. But often, the content we want to transcribe is locked inside a video format (like a recorded Zoom meeting). To solve this, I integrated <strong>MoviePy</strong>. If the user uploads a video file, the app intercepts it, extracts the audio track in the background, and forwards <em>that</em> to the AI model:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># If it's a video, extract the audio using MoviePy 2.0 syntax </span><span class="k">if</span> <span class="n">suffix</span><span class="p">.</span><span class="nf">lower</span><span class="p">()</span> <span class="ow">in</span> <span class="p">[</span><span class="sh">"</span><span class="s">.mp4</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">.mov</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">.avi</span><span class="sh">"</span><span class="p">]:</span> <span class="n">st</span><span class="p">.</span><span class="nf">text</span><span class="p">(</span><span class="sh">"</span><span class="s">Processing video... extracting audio.</span><span class="sh">"</span><span class="p">)</span> <span class="n">video</span> <span class="o">=</span> <span class="nc">VideoFileClip</span><span class="p">(</span><span class="n">input_path</span><span class="p">)</span> <span class="n">audio_path</span> <span class="o">=</span> <span class="n">input_path</span><span class="p">.</span><span class="nf">replace</span><span class="p">(</span><span class="n">suffix</span><span class="p">,</span> <span class="sh">"</span><span class="s">.mp3</span><span class="sh">"</span><span class="p">)</span> <span class="c1"># Access audio and write it to a temp file </span> <span class="n">video</span><span class="p">.</span><span class="n">audio</span><span class="p">.</span><span class="nf">write_audiofile</span><span class="p">(</span><span class="n">audio_path</span><span class="p">,</span> <span class="n">logger</span><span class="o">=</span><span class="bp">None</span><span class="p">)</span> <span class="n">processing_path</span> <span class="o">=</span> <span class="n">audio_path</span> <span class="n">video</span><span class="p">.</span><span class="nf">close</span><span class="p">()</span> <span class="c1"># Important to free up system resources </span></code></pre> </div> <h3> 3. GPU-Accelerated Transcription </h3> <p>The heavy lifting is done by <strong>Whisper</strong>. I opted to use the <code>base</code> model, which provides a fantastic balance between transcription speed and accuracy.</p> <p>Because Whisper runs locally on my machine utilizing PyTorch and my NVIDIA GPU via CUDA, <strong>there are no time limits</strong>. I can feed it a 3-hour podcast, and it will methodically transcribe the entire thing without ever asking me for a credit card.</p> <p>To make the app snappy and avoid reloading massive AI weights on every action, I used Streamlit's <code>@st.cache_resource</code> decorator:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="c1"># Initialize Whisper model, caching it to avoid reloading </span><span class="nd">@st.cache_resource</span> <span class="k">def</span> <span class="nf">load_model</span><span class="p">():</span> <span class="c1"># Use "base" for a good balance of speed and accuracy </span> <span class="k">return</span> <span class="n">whisper</span><span class="p">.</span><span class="nf">load_model</span><span class="p">(</span><span class="sh">"</span><span class="s">base</span><span class="sh">"</span><span class="p">)</span> <span class="n">model</span> <span class="o">=</span> <span class="nf">load_model</span><span class="p">()</span> <span class="k">def</span> <span class="nf">transcribe_file</span><span class="p">(</span><span class="n">file_path</span><span class="p">):</span> <span class="n">st</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="sh">"</span><span class="s">Transcribing... This may take a few minutes.</span><span class="sh">"</span><span class="p">)</span> <span class="n">result</span> <span class="o">=</span> <span class="n">model</span><span class="p">.</span><span class="nf">transcribe</span><span class="p">(</span><span class="n">file_path</span><span class="p">)</span> <span class="k">return</span> <span class="n">result</span><span class="p">[</span><span class="sh">'</span><span class="s">text</span><span class="sh">'</span><span class="p">]</span> </code></pre> </div> <h3> 4. Exporting the Results </h3> <p>A block of text on a web page is great, but a downloadable file is better. I used <code>python-docx</code> to generate Word documents formatting the output nicely. Once the transcription is done, the app provides shiny download buttons right there in the UI:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">def</span> <span class="nf">save_as_docx</span><span class="p">(</span><span class="n">text</span><span class="p">,</span> <span class="n">filename</span><span class="p">):</span> <span class="n">doc</span> <span class="o">=</span> <span class="nc">Document</span><span class="p">()</span> <span class="n">doc</span><span class="p">.</span><span class="nf">add_heading</span><span class="p">(</span><span class="sh">'</span><span class="s">Transcription</span><span class="sh">'</span><span class="p">,</span> <span class="mi">0</span><span class="p">)</span> <span class="n">doc</span><span class="p">.</span><span class="nf">add_paragraph</span><span class="p">(</span><span class="n">text</span><span class="p">)</span> <span class="n">doc</span><span class="p">.</span><span class="nf">save</span><span class="p">(</span><span class="n">filename</span><span class="p">)</span> <span class="k">return</span> <span class="n">filename</span> <span class="c1"># In the Streamlit UI later... </span><span class="n">docx_file</span> <span class="o">=</span> <span class="sh">"</span><span class="s">transcription.docx</span><span class="sh">"</span> <span class="nf">save_as_docx</span><span class="p">(</span><span class="n">transcript</span><span class="p">,</span> <span class="n">docx_file</span><span class="p">)</span> <span class="k">with</span> <span class="nf">open</span><span class="p">(</span><span class="n">docx_file</span><span class="p">,</span> <span class="sh">"</span><span class="s">rb</span><span class="sh">"</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span> <span class="n">col1</span><span class="p">.</span><span class="nf">download_button</span><span class="p">(</span><span class="sh">"</span><span class="s">Download as DOCX</span><span class="sh">"</span><span class="p">,</span> <span class="n">f</span><span class="p">,</span> <span class="n">file_name</span><span class="o">=</span><span class="sh">"</span><span class="s">transcription.docx</span><span class="sh">"</span><span class="p">)</span> </code></pre> </div> <h2> The Result </h2> <p>In less than 100 lines of Python code, I built a fully functional, local web app that solves a very real, very annoying problem.</p> <p><strong>No file size limits. No hidden paywalls. Total privacy. Blazing fast GPU inference.</strong></p> <p>Building your own tools to solve personal bottlenecks is one of the most rewarding parts of knowing how to code. If you find yourself fighting against the limitations of "free" online software, take a step back and ask yourself: <em>"Could I just build this?"</em></p> <p>Chances are, with modern libraries and a spare afternoon, you entirely can.</p> <p>Code can be found here: <a href="https://github.com/reyesvicente/audio-to-text" rel="noopener noreferrer">https://github.com/reyesvicente/audio-to-text</a></p> python ai machinelearning showdev Vicente G. Reyes Tue, 10 Mar 2026 10:45:04 +0000 https://dev.to/highcenburg/what-do-you-call-a-developer-that-doesnt-reply-a-seen-ior-developer-3fl1 https://dev.to/highcenburg/what-do-you-call-a-developer-that-doesnt-reply-a-seen-ior-developer-3fl1 developer programming watercooler Vicente G. Reyes Fri, 06 Mar 2026 13:36:22 +0000 https://dev.to/highcenburg/a-reimagined-classic-druglord-98-in-the-browser-5ell https://dev.to/highcenburg/a-reimagined-classic-druglord-98-in-the-browser-5ell <p>If you were gaming in the late 90s and early 2000s, you likely remember the thrill of text-based trading simulation games. Today, we're taking a look at a fantastic modernization of one of those classics: a brand-new, browser-based <strong>DrugLord</strong> reimagining set in the gritty streets of Metro Manila, circa 1998.</p> <p>Built with a sleek, glowing-green terminal aesthetic that screams "hacker culture," this new iteration brings the addictive "buy low, sell high" gameplay loop into the modern era using Next.js, React, and Tailwind CSS. Let's dive into what makes this browser adaptation so relentlessly playable.</p> <h2> The Vibe: Neon Green on Pitch Black </h2> <p>The moment you initialize your connection by entering your alias (Heisenberg, anyone?), you're greeted with a UI that perfectly captures the nostalgia of MS-DOS prompts and old-school BBS interfaces. The glowing green text (<code>text-green-500</code> for the Tailwind fans), monospaced fonts, and clean, modular layout make the game feel instantly familiar yet highly polished.</p> <p>It doesn’t rely on flashy 3D graphics; instead, it uses a sharp, text-heavy dashboard enriched by beautifully minimal icons from <code>lucide-react</code>. The real tension comes from the numbers ticking up—and plummeting down—on your screen.</p> <h2> Gameplay Mechanics: Survive and Thrive </h2> <p>The premise remains faithfully brutal. You have <strong>30 days</strong> to make as much money as possible while dodging the cops, dealing with shady characters, and paying off a massive debt to a relentless Loan Shark. </p> <p>Here are the core features that drive the simulation:</p> <h3> 🎭 The Metro Manila Market </h3> <p>You travel across infamous Metro Manila locations like Tondo, Maharlika (Taguig), Tramo, Caloocan, Makati, and Quezon City. Each time you hop on a jeepney or the MRT, a day passes, and the market shifts. Prices for commodities—ranging from Weed to Methamphetamine and high-stakes Cocaine—fluctuate wildly. You might encounter a market crash flooding the streets with cheap product, or a massive police bust that skyrockets prices, giving you the perfect opportunity to offload your stash.</p> <h3> 💼 Inventory &amp; Risk Management </h3> <p>Your inventory isn't a magical bottomless bag; it's a <strong>trenchcoat</strong>. Space is severely limited, meaning you have to think critically about whether to buy cheap, bulky items or invest in expensive, space-efficient commodities. Occasionally, random events might bless you with a shady character offering a trenchcoat upgrade—for a steep price, of course.</p> <h3> 🏦 Financial Strategy </h3> <p>Money management is the true heart of the game:</p> <ul> <li> <strong>The Loan Shark:</strong> You start in a deep $5,500 hole with a punishing <strong>10% daily interest rate</strong>. Paying this off early is crucial, or the compounding interest will bury you.</li> <li> <strong>First National Bank:</strong> Don't want to carry all your cash around the dangerous subways? Stash it in the bank. It earns a safe <strong>5% daily interest</strong>, turning the late game into a pure financial optimization puzzle.</li> </ul> <h3> 🚔 Random Encounters </h3> <p>The streets of '98 Metro Manila are unpredictable. A 15% chance of a cop chase keeps you on your toes forcing you to decide whether to <em>Run</em> (risking a fine and damage) or <em>Fight</em> (risking massive health loss). Muggings can suddenly wipe out your hard-earned cash, highlighting the importance of utilizing the bank. </p> <h2> Under the Hood: The Modern Tech Stack </h2> <p>What makes this iteration so impressive is how it leverages modern web technologies to deliver a flawless, client-side experience. </p> <ul> <li> <strong>Framework:</strong> The app is powered by <strong>Next.js 15</strong> and <strong>React 19</strong>, giving it lightning-fast state updates and a component-driven architecture.</li> <li> <strong>Styling:</strong> <strong>Tailwind CSS</strong> handles the retro aesthetic, utilizing custom glow shadows (<code>drop-shadow-[0_0_10px_rgba(34,197,94,0.8)]</code>) and animated pulses to bring the terminal to life.</li> <li> <strong>State Persistence:</strong> Custom React hooks (<code>useGameState</code>) tightly couple the game logic with the browser's <code>localStorage</code>, ensuring you never lose your progress if you accidentally close the tab.</li> <li> <strong>AI Integration readiness:</strong> While the core loop is deterministic, the project ships with the <code>@google/genai</code> SDK, hinting at potential future updates featuring LLM-driven complex events or dynamic NPC dialogue.</li> </ul> <h2> Final Verdict </h2> <p>This browser-based reimagining proves that great game loops don't age. By stripping away modern excesses and leaning hard into a highly optimized, stylized dashboard, this version of <strong>DrugLord</strong> delivers pure, unadulterated dopamine. The tension of holding onto a stash while waiting for a price spike, only to get mugged on the jeepney to Malabon, is as thrilling as ever.</p> <p>If you have a spare 15 minutes, step into the terminal, watch the market, and see if you can beat the high score. Just remember to pay the Loan Shark first.</p> <p>Check it out at <a href="https://drugs.vicentereyes.org" rel="noopener noreferrer">https://drugs.vicentereyes.org</a></p> webdev nextjs react Vicente G. Reyes Mon, 23 Feb 2026 10:55:28 +0000 https://dev.to/highcenburg/problem-15-longest-common-prefix-1bhm https://dev.to/highcenburg/problem-15-longest-common-prefix-1bhm <p>Hey everyone! 👋</p> <p>Today, we're solving a popular string manipulation problem: <strong>Longest Common Prefix</strong>.</p> <h2> The Problem </h2> <p>The goal is to write a function that finds the longest common prefix among a list of strings.</p> <ul> <li> A <strong>prefix</strong> is a substring that occurs at the beginning of a string.</li> <li> The function should return the longest common string that all words in the list start with.</li> <li> If there is no common prefix, it should return an empty string <code>""</code>.</li> </ul> <p><strong>Examples:</strong></p> <ul> <li> <code>longest_common_prefix(['flower', 'flow', 'flight'])</code> → Should return <code>'fl'</code> </li> <li> <code>longest_common_prefix(['dog', 'racecar', 'car'])</code> → Should return <code>""</code> (no common prefix)</li> <li> <code>longest_common_prefix(['interspecies', 'interstellar'])</code> → Should return <code>'inters'</code> </li> </ul> <h2> The Solution </h2> <p>Here is the Python implementation:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="k">def</span> <span class="nf">longest_common_prefix</span><span class="p">(</span><span class="n">strings</span><span class="p">):</span> <span class="sh">"""</span><span class="s"> Finds the longest common prefix among a list of strings. </span><span class="sh">"""</span> <span class="c1"># Check for empty or invalid input </span> <span class="k">if</span> <span class="ow">not</span> <span class="n">strings</span><span class="p">:</span> <span class="k">return</span> <span class="sh">""</span> <span class="c1"># Set the first string as the initial prefix </span> <span class="n">prefix</span> <span class="o">=</span> <span class="n">strings</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="c1"># Iterate through the remaining strings </span> <span class="k">for</span> <span class="n">s</span> <span class="ow">in</span> <span class="n">strings</span><span class="p">[</span><span class="mi">1</span><span class="p">:]:</span> <span class="c1"># Shorten the prefix until it matches the start of the current string </span> <span class="k">while</span> <span class="ow">not</span> <span class="n">s</span><span class="p">.</span><span class="nf">startswith</span><span class="p">(</span><span class="n">prefix</span><span class="p">):</span> <span class="n">prefix</span> <span class="o">=</span> <span class="n">prefix</span><span class="p">[:</span><span class="o">-</span><span class="mi">1</span><span class="p">]</span> <span class="c1"># If the prefix becomes empty, there is no common prefix </span> <span class="k">if</span> <span class="n">prefix</span> <span class="o">==</span> <span class="sh">""</span><span class="p">:</span> <span class="k">return</span> <span class="sh">""</span> <span class="k">return</span> <span class="n">prefix</span> <span class="c1"># Test cases </span><span class="nf">print</span><span class="p">(</span><span class="nf">longest_common_prefix</span><span class="p">([</span><span class="sh">'</span><span class="s">flower</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">flow</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">flight</span><span class="sh">'</span><span class="p">]))</span> <span class="c1"># 'fl' </span><span class="nf">print</span><span class="p">(</span><span class="nf">longest_common_prefix</span><span class="p">([</span><span class="sh">'</span><span class="s">dog</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">racecar</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">car</span><span class="sh">'</span><span class="p">]))</span> <span class="c1"># '' </span><span class="nf">print</span><span class="p">(</span><span class="nf">longest_common_prefix</span><span class="p">([</span><span class="sh">'</span><span class="s">interspecies</span><span class="sh">'</span><span class="p">,</span> <span class="sh">'</span><span class="s">interstellar</span><span class="sh">'</span><span class="p">]))</span> <span class="c1"># 'inters' </span></code></pre> </div> <h2> Code Breakdown </h2> <p>Let's walk through the code line by line:</p> <ol> <li> <p><strong><code>def longest_common_prefix(strings):</code></strong></p> <ul> <li> Defines a function named <code>longest_common_prefix</code> that takes a list of words (<code>strings</code>) as input.</li> </ul> </li> <li> <p><strong><code>if not strings:</code></strong></p> <ul> <li> Checks if the input list is empty or <code>None</code>.</li> <li> If it is empty, we return an empty string <code>""</code>.</li> <li> <em>Note: This is a safer and more Pythonic check than <code>strings is None or strings == 0</code> limit cases!</em> </li> </ul> </li> <li> <p><strong><code>prefix = strings[0]</code></strong></p> <ul> <li> Sets our initial assumption: let's assume the entire first string is the common prefix.</li> </ul> </li> <li> <p><strong><code>for s in strings[1:]:</code></strong></p> <ul> <li> Iterates through each subsequent string (<code>s</code>) in the list.</li> <li> <code>strings[1:]</code> is Python slice notation that means "all elements from index 1 to the end".</li> </ul> </li> <li> <p><strong><code>while not s.startswith(prefix):</code></strong></p> <ul> <li> Keeps running as long as the current string <code>s</code> doesn't start with our assumed <code>prefix</code>.</li> <li> <code>.startswith()</code> checks if a string begins with the specified prefix.</li> </ul> </li> <li> <p><strong><code>prefix = prefix[:-1]</code></strong></p> <ul> <li> Removes the last character from the prefix to make it shorter.</li> <li> <code>prefix[:-1]</code> is string slicing that takes all characters except the last one.</li> </ul> </li> <li> <p><strong><code>if prefix == "":</code></strong></p> <ul> <li> If we've removed all characters from the prefix, it means the current word shares no common letters at the beginning with our initial assumed prefix.</li> <li> We immediately return <code>""</code> as we know there is no common sequence.</li> </ul> </li> <li> <p><strong><code>return prefix</code></strong></p> <ul> <li> Once we've successfully compared our prefix against all strings, the remaining shortened string is safely our longest common prefix!</li> </ul> </li> </ol> <h2> Example Walkthrough </h2> <p>Let's trace the function with <code>longest_common_prefix(['flower', 'flow', 'flight'])</code>:</p> <ol> <li> <strong>Initialization:</strong> <ul> <li> Start with <code>prefix = 'flower'</code> </li> </ul> </li> <li> <strong>Compare with <code>'flow'</code> (First iteration):</strong> <ul> <li> <code>'flow'</code> doesn't start with <code>'flower'</code>? True.</li> <li> Remove last char: <code>prefix = 'flowe'</code> </li> <li> <code>'flow'</code> doesn't start with <code>'flowe'</code>? True.</li> <li> Remove last char: <code>prefix = 'flow'</code> </li> <li> <code>'flow'</code> doesn't start with <code>'flow'</code>? False. Stop while loop.</li> <li> Current prefix is safely <code>'flow'</code>.</li> </ul> </li> <li> <strong>Compare with <code>'flight'</code> (Second iteration):</strong> <ul> <li> <code>'flight'</code> doesn't start with <code>'flow'</code>? True.</li> <li> Remove last char: <code>prefix = 'flo'</code> </li> <li> <code>'flight'</code> doesn't start with <code>'flo'</code>? True.</li> <li> Remove last char: <code>prefix = 'fl'</code> </li> <li> <code>'flight'</code> doesn't start with <code>'fl'</code>? False. Stop while loop.</li> <li> Current prefix is safely <code>'fl'</code>.</li> </ul> </li> <li> <strong>Result:</strong> Loop completes, return <code>'fl'</code>. ✅</li> </ol> <p>Now let's try <code>longest_common_prefix(['dog', 'racecar', 'car'])</code>:</p> <ol> <li> <strong>Initialization:</strong> <ul> <li> Start with <code>prefix = 'dog'</code> </li> </ul> </li> <li> <strong>Compare with <code>'racecar'</code>:</strong> <ul> <li> <code>'racecar'</code> doesn't start with <code>'dog'</code>? True. Shorten to <code>prefix = 'do'</code> </li> <li> <code>'racecar'</code> doesn't start with <code>'do'</code>? True. Shorten to <code>prefix = 'd'</code> </li> <li> <code>'racecar'</code> doesn't start with <code>'d'</code>? True. Shorten to <code>prefix = ""</code> </li> </ul> </li> <li> <strong>Result:</strong> Prefix is empty <code>""</code>. Immediate return <code>""</code>. ❌ No common prefix found.</li> </ol> <h2> Key Optimizations </h2> <p>This approach relies heavily on <strong>Horizontal Matching</strong>:</p> <ul> <li> <strong>Shrinking Search Pattern:</strong> Instead of checking letter by letter precisely (vertical scaling index-by-index), we start by assuming the maximum possible prefix and aggressively peel off letters from the end whenever mismatches are found.</li> <li> <strong>Early Escape:</strong> If the prefix shrinks to an empty string at any point, we completely abort without iterating through the rest of the array strings.</li> </ul> <p>This pattern is highly effective, easy to read, and simple to reason out! 🚀</p> <p>Happy coding! 💻</p> python beginners learning Vicente G. Reyes Mon, 23 Feb 2026 05:29:30 +0000 https://dev.to/highcenburg/how-i-fixed-the-hashnode-graphql-api-stale-cache-bug-stellate-cdn-koh https://dev.to/highcenburg/how-i-fixed-the-hashnode-graphql-api-stale-cache-bug-stellate-cdn-koh <p>If you're using Hashnode's GraphQL API to fetch your blog posts for a custom frontend (like a React or Next.js portfolio), you've probably run into this incredibly frustrating issue: <strong>You publish a new post on Hashnode, but it doesn't show up on your website.</strong></p> <p>You check the API payload, and it's serving a stale list of posts. The new post is completely missing.</p> <p>I spent hours debugging this, trying every cache-busting trick in the book. Here's what didn't work, why it failed, and the actual simple solution.</p> <h2> The Setup </h2> <p>My portfolio runs on React (Vite) and uses Hashnode as a headless CMS. I fetch posts using <code>fetch</code> with the official Hashnode GraphQL endpoint: <code>https://gql.hashnode.com</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">res</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">'</span><span class="s1">https://gql.hashnode.com</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">'</span><span class="s1">POST</span><span class="dl">'</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">Content-Type</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">application/json</span><span class="dl">'</span> <span class="p">},</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">query</span><span class="p">:</span> <span class="nx">POSTS_QUERY</span><span class="p">,</span> <span class="nx">variables</span> <span class="p">}),</span> <span class="p">});</span> </code></pre> </div> <p>When I added a new post, my local dev server still only showed the old posts.</p> <h2> The Failed Attempts </h2> <p>Hashnode uses <strong>Stellate</strong>, a powerful GraphQL Edge CDN. Stellate sits between your frontend and Hashnode's database, caching responses to make the API blazing fast. However, its caching mechanism is exceptionally aggressive.</p> <p>Here are the standard tricks I tried to bypass the cache, all of which <strong>failed</strong>:</p> <ol> <li> <strong>Setting standard HTTP headers:</strong> Adding <code>Cache-Control: no-cache</code> and <code>Pragma: no-cache</code> to the <code>fetch</code> call. Stellate ignores these from the client.</li> <li> <strong>URL Query Params:</strong> Appending a timestamp <code>?_t=${Date.now()}</code> to the endpoint URL. Since this is a <code>POST</code> request, Stellate keys the cache off the request body, not just the URL.</li> <li> <strong>GraphQL <code>extensions</code>:</strong> Adding <code>extensions: { cacheKey: Date.now() }</code> to the JSON body. Stellate normalization strips this out.</li> <li> <strong>Unknown GraphQL Variables:</strong> Injecting <code>_cacheBust: Date.now()</code> into the <code>variables</code> object. Stellate strips unknown variables.</li> <li> <strong>GraphQL Comments:</strong> Injecting <code># ${Date.now()}</code> directly into the query string. Stellate parses and normalizes the query string, stripping comments before hashing the cache key.</li> </ol> <p>No matter what I did, inspecting the network tab always revealed the same mocking response header: <code>gcdn-cache: HIT</code>.</p> <h2> The Real Issue: Stellate Needs the <code>id</code> Field </h2> <p>The root cause isn't that Stellate is ignoring your cache-busting hacks; it's that <strong>Stellate doesn't know the data is stale.</strong></p> <p>Stellate automatically invalidates its cache when backend data changes (mutations). But to do this effectively across complex GraphQL graphs, it relies on a core concept: <strong>tracking Node IDs</strong>.</p> <p>If your query doesn't ask for the <code>id</code> of the entities it's fetching, Stellate cannot trace the cached data back to the actual database records. When Hashnode updates its database, Stellate's purge mechanism fires, but if your cached query didn't include IDs, Stellate doesn't know to invalidate <em>that specific query</em>.</p> <p>This is a well-known issue internally at Hashnode — they even created an ESLint plugin (<code>require-id-when-available</code>) for their own engineers to prevent it!</p> <h2> The Solution </h2> <p>The fix is almost disappointingly simple. <strong>You must include the <code>id</code> field in all your GraphQL queries and fragments related to Hashnode.</strong></p> <p>My original query looked like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="k">query</span><span class="w"> </span><span class="n">Publication</span><span class="p">(</span><span class="nv">$host</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!,</span><span class="w"> </span><span class="nv">$first</span><span class="p">:</span><span class="w"> </span><span class="nb">Int</span><span class="p">!)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">publication</span><span class="p">(</span><span class="n">host</span><span class="p">:</span><span class="w"> </span><span class="nv">$host</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">posts</span><span class="p">(</span><span class="n">first</span><span class="p">:</span><span class="w"> </span><span class="nv">$first</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">edges</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">node</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">slug</span><span class="w"> </span><span class="n">title</span><span class="w"> </span><span class="n">brief</span><span class="w"> </span><span class="n">publishedAt</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>The fix is simply adding <code>id</code> inside the <code>node</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight graphql"><code><span class="k">query</span><span class="w"> </span><span class="n">Publication</span><span class="p">(</span><span class="nv">$host</span><span class="p">:</span><span class="w"> </span><span class="nb">String</span><span class="p">!,</span><span class="w"> </span><span class="nv">$first</span><span class="p">:</span><span class="w"> </span><span class="nb">Int</span><span class="p">!)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">publication</span><span class="p">(</span><span class="n">host</span><span class="p">:</span><span class="w"> </span><span class="nv">$host</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">id</span><span class="w"> </span><span class="c"># &lt;-- ESSENTIAL FOR LIST INVALIDATION</span><span class="w"> </span><span class="n">posts</span><span class="p">(</span><span class="n">first</span><span class="p">:</span><span class="w"> </span><span class="nv">$first</span><span class="p">)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">edges</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">node</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="n">id</span><span class="w"> </span><span class="c"># &lt;-- ESSENTIAL FOR ENTITY INVALIDATION</span><span class="w"> </span><span class="n">slug</span><span class="w"> </span><span class="n">title</span><span class="w"> </span><span class="n">brief</span><span class="w"> </span><span class="n">publishedAt</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Make sure to add <code>id</code> to everywhere you query entities: the parent <code>publication</code> object, <code>posts</code>, <code>post</code>, <code>seriesList</code>, etc.</p> <p><strong>Why both?</strong></p> <ul> <li>Adding <code>id</code> to the <code>node</code> tells Stellate to update the cache for that specific post if it gets edited.</li> <li>Adding <code>id</code> to the parent <code>publication</code> tells Stellate to invalidate the <em>entire list</em> of posts for that publication when a new post is published or deleted.</li> </ul> <p>Once I updated my queries and refreshed, the CDN properly registered the unique records and lists. New posts now invalidate the cache automatically, and the API returns fresh data immediately upon publishing.</p> <p><strong>Takeaway:</strong> When working with GraphQL APIs behind Edge CDNs like Stellate, always fetch the <code>id</code>. It's not just good practice; it's the anchor for their entire caching strategy.</p> graphql webdev todayilearned