DEV Community: Michael Owolabi

Build a Passwordless Authentication in Node.js on Redis

Michael Owolabi — Fri, 30 Sep 2022 23:00:04 +0000

One of the most important and universal aspects of Software Development is how access to various services in the application is granted, over the years, many authentication models have been developed with various pros and cons. There is really no single perfect auth system without any flaws. It is impossible to have a system that is both “very” secure and convenient to use at the same time. The more we tend towards the side of “security”, the more difficult the user experience for most users, and various models have been developed to find that balance.
What is more practicable is to find what is more important in various use cases and apply it accordingly.

Like various other security systems have their origin traced back to the Roman empire, so can passwords be traced to the same root according to this Wikipedia page

Password has evolved a lot since its introduction and many encryption models have been developed over the years just to curb various password attacks. Sometimes, it’s not even that the password encryption model isn’t secure enough, in fact, most password breach is caused by human errors ranging from companies storing passwords in plain text, to users using weak passwords or just being careless or too trusting with their passwords.

Truth is that, as long as password exists, all these will continue to be an issue.

The most secure password is no password at all because, “If it exists, it can be cracked”.

What if we can eradicate passwords completely and be done with all the associated issues?

In this article, we are going to develop a password-less authentication system built on Redis where all the problems discussed above can be a thing of the past.

Please note that I’m not saying that this will be the most secure system, but at least we can be sure that our system will still be secured without all the associated problems listed above.

Why Redis for such an application you asked? For the simple reason that traditional databases are slow and Redis is super fast. We wouldn’t want our users to wait too long before they will be able to access our system now that the password is out of the way, would we? So let’s get to it.

Prerequisites

To be able to follow along with this tutorial, you need to have the following installed on your computer:
Node.js
npm
Code Editor (VSCode)
Postman/Web Browser
Mailgun Account

RedisInsight - Get one installed on your computer here if you don’t already have one.

Finally, you’ll need to have a Redis Enterprise account for your Redis cloud database. If you don’t already have that just head on to their website to create a free account.

Getting started

First, we are going to install the dependencies needed for this application so open your terminal and execute the following commands



cd desktop && mkdir passwordless-authentication && cd passwordless-authentication

Initialize the directory to create a package.json file by running



npm init -y

Install dependencies

Let’s install the various packages that we’ll be using for the development of this application by running the command below:



npm i express dotenv redis-om jsonwebtoken nodemailer

Lastly, let’s install nodemon as a dev dependency to aid our development flow by running the command below:



npm i -D nodemon

Now let’s create a simple Node.js server using express so as to be sure that everything is properly set up. To do this, create a new directory at the root of your project named “src” and inside it create a new file called index.js and paste the code below into the file.

In the scripts section of your package.json file setup the start scripts for your server by adding the following keys and values



"start": "nodemon index.js"

Now start the server by running npm start` in the terminal. You should see something close to the screenshot below logged to your terminal.

Now that we are sure that our server is properly set up, the next thing we need to do is set up our Redis database to handle the storage of our events data.

Redis Enterprise Setup

To setup your Redis database, login to your Redis enterprise account here. If you haven’t created an account yet just head on to the Redis website and create a free account. You should use the free credit coupon on the signup page to explore Redis beyond the free tier offerings.

On your Redis enterprise dashboard click the “New subscription” button, select “Fixed plans” and then choose the 100MB storage space option. You can choose any cloud provider of your choice but for the sake of this tutorial, let’s use the default (AWS) then make sure your settings are a replica of the screenshot below.

Do not worry, you will not get charged for the plan you chose since you applied a $200 coupon so you can safely add your card. We needed this plan to activate data persistence for our Redis DB because it will be odd to have an event management platform where every time you come back to it, it’s always empty 😀.

But just if you’re still skeptical you can choose the free (30MB) option only that your data will not be persisted but you would still be able to follow along with this tutorial using that option.

Make sure you also select the data persistence option of choice but in this case, we’ll be using the snapshot option that runs every hour. Click the “Activate database” button when you’re done to provision your database. After that, you should see the database configuration screen similar to the one below.

Visualizing your data

Now that we have set up our database properly, we need something to visualize our data stored in the Redis DB and this is where RedisInsight comes in. Now launch your RedisInsight and click the “Add Redis Database” button then copy and paste in your Redis enterprise DB connection string.

It is called “public endpoint” on your Redis enterprise DB configuration page. Then on the same DB configuration page, you would see your default username and password, copy those and paste them into your RedisInsght connection dialog after which you click the “Add Redis Database” button to connect to your Redis enterprise DB. You should see the DB summary on the next page which will be empty since there’s currently no data in your Redis database.

Connecting your Redis DB from the App

The next thing to do is to set up a connection to our Redis database from within the event manager app. To do this, create a new directory inside "src" called db and create a new file named "index.js" in the newly created db directory. Copy and paste the following code into the file.

{% embed https://gist.github.com/iMichaelOwolabi/ab7e7144aa3ea5e6033e7cdd22a2ee70 %}

Building the Passwordless Authentication

Now that all the building blocks have been set, let’s dive into building our authentication system without passwords.

The first thing we are going to do is to model our entity for authentication purpose. We will allow users to be able to log in with either their email or username so to do this, let’s create a directory in the src directory and name it repository. Inside the newly created repository, create a file called user.js and paste into it the code below.

{% embed https://gist.github.com/iMichaelOwolabi/c7dbc25e6706236e00c958edf0699068 %}

Here, we have modeled our authentication data and assigned the individual fields with the proper data type which is mostly string. You will notice that in the date fields, we have a new attribute “sortable”, this is something similar to “ORDER BY” in SQL which allows us to order the result of our query. In this case, we could fetch all users and order them from the most recently created to the least recent users.

We create an index on our user model by calling the "createIndex()" method on the repository from our schema. This secondary index is where the power of RediSearch shines the most. The performance of our search is directly proportional to how good our index is.

We’ll create a new directory in the src folder and name it routes. Inside the routes directory let’s create a new file called "authRouter.js" and paste in the following code:

{% embed https://gist.github.com/iMichaelOwolabi/0494dfab097b457855915367595b54d0 %}

This router file is where all our endpoints for the app is defined and it’s responsible for routing requests to the right controller function for execution.

You’ll notice that we imported some controller functions and a middleware into the authRouter file, so let’s go ahead and build them out. These auth methods here aren’t anything new that we haven’t seen before, the only difference is that instead of interfacing with traditional relational or Doc DB that directly write and read from the disk, we are using the super fast Redis as our DB which in turn makes our user authentication process fast.

So, create a new folder named controllers inside the src directory. In the newly created directory, create a new file named "authController.js" and paste the following code into it.

{% embed https://gist.github.com/iMichaelOwolabi/06cd1053d7e653ba920f0da725ac6e07 %}

In the code above, you could see some SQL-like query structure which makes the entire thing very friendly, this is made possible by Redis-om which is a new Redis client from Redis

Now, let’s sort out the dependent modules that we used in the auth controller file.

Even though our aim is to eliminate password from our authentication process in this app, we still need to make it secure else, we run the risk of allowing the entire Internet access to resource that shouldn’t be in the public view. So let’s create a new directory called utils straight inside the src directory. In the utils folder, create two new files namely, "jwtHelper.js" and "emailTransporter.js".

In the jwtHelper file copy and paste the following piece of code into it.

{% embed https://gist.github.com/iMichaelOwolabi/94d5a7282fe813b5bcffe970a35b93bc %}

Our approach to authenticate user simply involves sending the login credentials to the user’s email which serves as a means verification that even though the user isn’t using password to access their protected contents, we can still be sure they’re the ones requesting access that way which makes the system secure still.

Setting up email service

To send email, we need to user an email service provider and for the sake of this article, we are going to use Mailgun. To be able to send free emails, we need to add verified recipient so log in to your Mailgun account and click “sending” from the sidebar, from the list of dropdown options click “Domains”.

You should see the default domain provided you by Mailgun. Now click on the domain and you should see where you can add list of emails for verification.

Add the email you will be sending messages to for test purpose and verify the mail by accepting the terms from the email sent to the added email account. Something similar to what we have below.

Now that we’ve setup our email service, let’s plug it to the app so copy and paste the following code into the "emailTransporter" file.

{% embed https://gist.github.com/iMichaelOwolabi/4da4997767773f314914dbdefbd5c4db %}

We are getting closer to the end of the application. Let’s protect some of our endpoints from being accessible to unauthorized users. Create a new folder in the src directory named “middleware” then create a new file in the new folder called "index.js" and paste the code below into the file.

{% embed https://gist.github.com/iMichaelOwolabi/5aa9ac993e3104aa7673143c135111c0 %}

Bringing it altogether

Now that we’re done building the individual parts of the application, we need to find a way to make sure our server is aware of our routes so we are going to plug our auth router to the server by importing it to the index.js file at the root of the project. Just copy the following code and replace the content of the index.js file with it.

Lastly create a new file at the root of your project named ".env"
The env file is what we are going to use to store the secret values used in the app so that they’re not exposed to the public. In the env file, copy and paste the following then populate the values accordingly.

`
PORT=
REDIS_DB_URL=
REDIS_DB_USER=
REDIS_DB_PASS=
TOKENEXPIRATIONTIME=
JWTSECRET=

MAILGUN_SMTP_HOSTNAME=
SMTP_PORT=
MAILGUN_SMTP_USERNAME=
MAILGUN_SMTP_PASSWORD=
`

We have successfully built a passwordless authentication system in Node.js powered by Redis.

Startup your server by running the following command from your terminal right from the project directory
npm start

Now let’s test our implementations so far. Open Postman and create a user account, login and verify.

Creating a user account

Login screenshot

Congratulations on making it this far. Do share your thoughts in the comment section.

The complete code can be found in this Github Repository.

This post is in collaboration with Redis.

If you enjoyed working with us like we enjoyed working with you and want to continue writing for us, we’re now accepting applications for more blogs. You can apply here

How to build an event management application in Node.js + React on Redis

Michael Owolabi — Wed, 06 Jul 2022 18:12:37 +0000

You’re probably thinking, wait, did I read the title right? Build an event manager in Node.js and backed by Redis as the database? Just follow along and let me take you on a journey that will provide answers to as many questions as are probably going through your head right now.

In this article, we are going to build a fully functional event management platform on Redis but first, why will anyone want to use Redis as the only database in an application? One obvious reason will be that Redis is super fast, and fast database will have a direct impact on the performance of your application which will in turn impact the experience of the users of your application. So having said that, let’s get to it.

Prerequisites

To be able to follow along with this tutorial, you need to have the following installed on your computer:
Node.js
npm
Code Editor (VSCode)
Web browser/Postman
RedisInsight - Get one installed on your computer here if you don’t already have one.

Finally, you’ll need to have a Redis Enterprise account for your Redis cloud database. If you don’t already have that just head on to their website to create a free account.

Getting started

To get started, we are going to install dependencies needed for the application so open up your terminal (Command prompt on Windows) and enter the following command



cd desktop && mkdir event-manager && cd event-manager

Initialize the directory to create a package.json file by running



npm init -y

Install dependencies

Let’s install the various packages that we’ll be using for the development of this application by running the command below:



npm install express dotenv redis-om ulid jsonwebtoken bcrypt

Lastly, let’s install nodemon as a dev dependency to aid our development flow by running the command below:



npm install -D nodemon

Open the newly created app event-manager directory in your code editor of choice (I will be using VSCode here) and it should be similar to what we have below.

Open the generated "package.json" file and enter a key "type" with the value "module" in the top-level object because we will be writing our development code using the es module option.

Now let’s create a simple express server to be sure that everything is properly set up. To do this, create a new directory at the root of your project named “src” and inside it create a new file called app.js and paste the code below into the file.

In the scripts section of your package.json file setup the start scripts for your server by adding the following keys and values



“start”: “node src/app.js”,
“dev”: nodemon src/app.js”

Now start your node.js server by running the following command in the terminal:
npm run dev
You should see the following logged to your terminal:

Everytime you make changes to your application code, the server should automatically restart to pick the new changes.

Now that we are sure that our server is properly setup, the next thing we need to do is setup our Redis database to handle the storage of our events data.

Redis Enterprise Database Setup

But just if you’re still skeptical you can choose the free (30MB) option only that your data will not be persisted but you would still be able to follow along with this tutorial using that option.

Now on your subscription dashboard, click on the “New Database button”. Give your database a name and choose the Redis option under the “Type section” to specifically select the Redis module of choice which in our case is RediSearch. Make sure you also select the data persistence option of choice but in this case, we’ll be using the snapshot option that runs every hour. Click the “Activate database” button when you’re done to provision your database. After that, you should see the database configuration screen similar to the one below.

Visualizing your data

Connecting your Redis DB from the App

The next thing to do is to set up a connection to our Redis database from within the event manager app. To do this, create a new directory inside “src” called db and create a new file named index.js in the newly created db directory. Copy and paste the following code into the file.

Building user authentication into our event manager app

Even though we want the general public to be able to view events on our platform, we only want registered users to be able to create events. So let’s build some authentication into the system. In the src directory create four folders namely routes, controller, utils, and lastly middleware. We are doing this to keep things simple and clean to some extent.

Now, in the controller directory, create a new file called “auth.js” and paste the following code into it.

In the createAccount() function part of the codebase, we are saving the user account information in a Redis hash data structure and using the user’s email as the key since it will be unique across the entire database. We are generating a user ID for the user with the help of the ulid package which is a great alternative to uuid. We are interfacing with our Redis enterprise DB with the help of the "redis-om" client via the DB connection that we setup earlier.

The last thing that we need to do is create the jwt helper file that was imported here so create a new file under the utils directory called "jwtHelper.js" and then copy and paste the following code into the file.

The next thing to do is to connect our controller to a route. In the routes directory, create a file named “authRouter.js” then copy and paste the following code into it.

Now let’s ultimately connect our router to our express server. In the app.js file import the “authRouter” module and adding it to the server middleware stack by passing it to the use() function as below.



app.use('/api/v1/auth', authRouter);

Lastly, let’s create a new file at the root of the project directory called .env so that we can add all our secrets to it. Remember we’ve been using them across the project so copy and paste the following environment variables to your .env file and fill it accordingly. You will get all the Redis related variables values from your Redis enterprise DB configuration page.



PORT=
REDIS_DB_URL=
REDIS_DB_USER=
REDIS_DB_PASS=
TOKENEXPIRATIONTIME=
JWTSECRET=

Now, start the server and then test your newly created authentication flow via Postman or any HTTP client of your choice. Create a few users and log in with your credentials.

Building the event module

The event module is the heart of this application and where the full power of the Redis database comes to bear. Before now, it’s really a big hassle trying to perform the equivalent of an SQL-like queries in Redis. One has to follow or device many unconventional approaches to search saved data beyond just searching by the key.

The RediSearch module since its development has been a game changer in this regard. It’s now much easier to perform various searches e.g. fulltext search, aggregate search results, sort and so much more.

This is why we added the RediSearch module to our database while setting it up to be able to search events by various parameters so let’s get to it.

The first thing to do is model the data that we will be performing search on and creating an index out of it. The better your index, the more performant your search will be.

Modeling the data and creating the index

Create a new directory under "src" called repository and in it, create a new file named event.js the paste the following code into that file.

In the code above, again, we imported the redis connection that was created in the db directory since that is our gateway to the Redis enterprise database. Now let’s talk about the different “redis-om” data types assigned to various fields. Here, there are four major data types we are working with which are string, text, date, and point.

String: The string data type normally should be assigned to any field that we want to perform exact match search on e.g fields with definite list of values for example category, genre, type, etc. This type maps to TAG in the underlying RediSearch type
Text: The major difference between the string and text field is that you can perform full text search on the text field which is not possible on a field designated as string.
Point: This field is used for storing location value in terms of longitude and latitude so if you intend to perform location based search, then you should use the point type on such field. This type maps to GEO in the underlying RediSearch type
Date field is exactly what it means, working with dates.

Sometimes, we want to see the most recent entries first and vice-versa, to do that, we need to mark the field as “sortable” which will help us sort our search results based on various conditions.
You can read more about how schema/entities are created in redis-om here

Notice that there is one field in the schema "dataStructure" with the value "HASH", this is telling Redis that we want to use the hash data structure for the schema. This is necessary because by default redis-om uses the RedisJSON data structure and because we did not add that to our database while setting it up, it will throw an error.

RedisJSON is another Redis module which could be better suited for storing JSON-like data like the one we have here but I’ve decided to use the HASH data structure just to focus more on the RediSearch module in this article. More on that here

Finally, to create the index, you’ll call the createIndex() method on the schema repository.

Now that we have every bit of the puzzle needed to complete this amazing app, let’s bring them together.

Building the event management platform on Redis

In the controllers directory, create a file and name it "event.js" and paste the following code in the file.

Not much is going on in the "createEvent()" controller function, we are just calling the "createAndSave()" method on our exported event schema repository after passing the user event object into it.

The real power of the RediSearch module started becoming evident from the "getAllEvents()" controller function. Here, we are able to use some of the handy methods exposed by the redis-om library to fetch all events, sort them to ensure that the most recent event show up first and also paginate. Now, isn’t that sleek? 😉.

In an SQL based database, this query will look something like the following
SELECT * FROM table_name ORDER BY field DESC LIMIT limit OFFSET offset;

All of these aren’t an easy feat to do in Redis before the advent of the Redisearch module. Notice that we called the “sortDescending” method on the createdAt field which was why we marked it as sortable while defining our schema.
This is why I say that how performant your search will be will dependent on good your index is.

Another interesting controller function here is the "getEventsNearMe()" function. This uses the location given by the user and the distance they set or search within a 10 Kilometer radius if distance isn’t provided. We are able to do this because we marked the "locationPoint" field as "point" while creating our schema.

Lastly there is the "searchEvents" controller function that searches events based on two conditions, the category of the event and title. Of course if we are searching events by the categories it is easier to search the category as a whole e.g conference, concert etc. But if we intend to search events by their title, it wouldn’t make sense to expect our users to memorize the exact title of events.

This is the reason why we designated the title field with the "text" data type so that we can perform full text search on it which means that, if users remember a particular phrase in the title of the event they are looking for, they can search by that phrase and the various events with similar phrase will get returned to them.

Ok, enough of that and let’s complete the other parts of the application. You would have noticed that we had some dependencies used in the event controller file that doesn’t currently exist, so let’s plug in the missing pieces.

Create a new file called "pagination.js" in the utils directory and copy and paste the following code into it. This is just to handle our result pagination.

Remember the middleware directory that was created earlier? now create a new file in that directory called index.js and paste the following code into the file. This is what will ensure that only the right users have access to various parts of the application.

Let’s now plug our controller to appropriate routes so that users request will be handled in the correct manner. Create a new file in the routes directory called event.js and paste the following code into it.

Finally, let us make the presence of the event route known to our server by importing the event route module in the app.js file. By now, your app.js file should look like the one below:

Now that we are done, let’s test out the various endpoints for the event management application. So, fire up your Postman or any other HTTP client that you’re using and create some events, fetch all events, and search events using various parameters. Below are a few of the screenshot of my personal tests.

I suggest that you open up your RedisInsight to visualize some of the data that you’ve been saving all the while.

The complete backend code can be found in this Github repository

Building the frontend of our event management app using React.

The frontend code for the event manager application can be found here, just clone the repository, follow the setup guide and start both the server and the frontend app. You should be able to see some of the events that you’ve created. Perform some searches using various parameters.

There’s still so much that can be done to improve this app as listed below:

Search events by date range
Search events by country (I know we don’t have a country field and you can just update the schema with that. Don’t worry about your index, it will be rebuilt when you restart your server)
Modify event information e.g. the date of the event
Delete event...

Congratulations for getting this far. You have just built your event management application fully on the Redis database 👏🏼.

Do let me know what you feel in the comment section.

Below are some helpful links if you’re looking to explore Redis beyond what is in the context of this article:

Redis Developer Hub

Caveat

Redis-om is still in the preview stage and it’s not stable enough to be used in production at the time of writing this article. You can use other Redis clients if you intend to use Redis in production you can choose from other recommended clients here

This post is in collaboration with Redis.

If you enjoyed working with us like we enjoyed working with you and want to continue writing for us, we’re now accepting applications for more blogs. You can apply here

This is why your Node.js application is slow

Michael Owolabi — Tue, 08 Feb 2022 12:13:22 +0000

Many performance-related issues in Node.js applications have to do with how promises are implemented. Yes, you read that right. How you implemented promise in your Node.js app is most likely the culprit for how slow your app has become 🙈.

Promise is one of the popular ways of implementing asynchronous programming in Node.js which is a really good improvement over callbacks. First I’ll like us to get the literal meaning of promise outside of Node.js:

a statement that tells someone that you will definitely do or not do something
source

The keyword in the definition above is “WILL” which signifies sometime in the future. It simply means that a promise is an assurance of something that will happen in the future.

This is the exact concept of promise in Node.js which denotes that when we try to perform some operations whose results we cannot get immediately, we instead get an “assurance” of the result that will be available sometime later. The important question then is “while we wait for the promise to get fulfilled, is it ideal to “idly” wait and not execute other parts of the program, especially the ones whose results can be readily available or not?”

The answer to the question above will inform how you would work with almost inevitable promises in various parts of your applications.

There are many ways of working with promises in Node.js but async/await is a really nifty approach that many have grown to love over the years since its introduction. The truth is lots of .then in promise chaining is not very easy to keep track of when they grow to a considerable length (see example here) neither is callback (Callback hell see here). So it’s understandable why many will choose the more convenient and cleaner async/await but which sometimes can be injurious to the overall performance of your application when not applied correctly.

async/await <--> async/ablock 🤐

So, what is the problem with async/await? You ask.

The simple problem with it is that it is capable of slowing down your application greatly when not correctly used. Whenever a promise is marked with await in an async function, what you are saying is that, until the promise has resolved, the following code or code blocks in the function shouldn’t be executed which in itself is not a bad thing.

However, it becomes a problem when the code that follows can in fact be executed while waiting for the promise to get resolved because they are not dependent on the result of the resolved promise. Let’s consider the code below:

Result screenshot

In the code snippet above, even though the two awaits were unrelated they still block each other. The second promise did have to wait for the first one to resolve before it starts which means it will take double the time for all the promises to get resolved.

Below is a better to handle the promises such that they don’t block each other while still using your lovely await 😉

Result screenshot

Here we used await with promise.all to ensure that the two promises got executed in parallel which means instead of taking double the time as we had in the blocking example, the two promises got resolved together in ~2 seconds which was half the time of the blocking example. Now isn’t that good?

What to note here is that👇🏼

unrelated promises shouldn’t block each other

Does this mean related/dependent promises should block each other?

No! Depending on the case but most times, even dependent promises can be implemented in a way that ensures they are not blocking or the blocking gets reduced to the barest minimum for improved performance. Once again, let’s consider yet another example of this scenario:

Let’s say in an employee management system, you want to get the list of employees alongside their next of kin information.
In such a system, we first need to get the employee information and use that to find their next of kin which means we will have a dependent promise situation. Let us look at both the inefficient and a more efficient way to do this:

Below is the actual logic that determines how to work with the employee and next of kin data in the DB. This is where all the good and bad choices will matter:

Result screenshot

Here, the second asynchronous operation had to wait for the first to complete before starting which is fine, but the problem is in using await inside the loop which every asynchronous operation (getting next of kin) had to wait for the one before it 😳 This is bad. Don’t do it.

One of the cases of bad use of async/await is inside a loop.
Majority of the time you can and should avoid it,
at least if the performance of your application and the
time of your user matters to you then you should.

Now let's look at the better approach below:

Result screenshot

Notice that in the code snippet above since the second operation is dependent on the result of the first one and there are no other synchronous operations that will be blocked, as a result, we waited until all employee records are available before starting the next operation that gets their next of kin information.

However, instead of each iteration of promise to wait on the one before it, the promises were stored and executed in parallel which saves immense execution time than the first approach, and the entire operation finished in ~2 seconds as opposed to the first blocking example that took ~6 seconds to complete execution.

Blocking the event loop 🚫

Another reason your Node.js application may be performing poorly is that you could be blocking the event loop in your code.

The Event loop is responsible for executing actual JavaScript and non-blocking I/O in Node.js

You can read more about the event loop here

We say that the event loop is blocked when it is not able to continue executing JavaScript while an operation that does not require the event loop (i.e non-JavaScript operation) is being processed e.g reading a file synchronously.

Let's consider the example below:
Assuming that in your application you need to work with countries and you have a list of countries as an external CSV file which you need to access in your code. In the code snippet below, the file reading operation blocks the event loop and ultimately affects the application’s throughput and performance because until the file reading operation completes, nothing else gets executed.

Result screenshot

Now, let’s consider a better way this can be done in a way that it doesn’t block.

Result screenshot

Since the actual reading of the file is an I/O operation that does not require the event loop, this operation shouldn’t block and that is what is done here as the event loop is freed up to execute other parts of the application until the result of the file reading operation becomes available.

The code snippet above uses callback which is just another method of implementing asynchronous programming in Node.js. This can be easily converted to promise so that you can use your lovely async/await for the same. One way of doing that will be to wrap the file reading operation in a promise and make the returned value a promise.

There are definitely more reasons why your Node applications may perform poorly in terms of performance but these are the more common ones I have seen. You are welcome to share more insights in the comment section.

Conclusion

The key things to remember regardless of which approach you chose to use when working with promises in Node.js is to ensure:

Unrelated promises do not block each other.
Non dependent promises are executed in parallel and not sequentially.
Don't use await inside a loop.

Regarding the event loop:

Whatever you do, ensure that the event loop isn’t blocked.

If you can keep these in mind, you will be intentional about taking better decisions on which approach to use so that the performance of your application doesn’t suffer.

KYC for Software Developers

Michael Owolabi — Fri, 30 Apr 2021 21:50:33 +0000

KYC which stands for “know your customer” 🔎 is a concept popularized by the finance industry which was introduced to prevent/reduce financial crimes. KYC has helped a great deal in combating various financial crimes but it has also been a mechanism businesses over the years leveraged to serve their customers right since they have done due diligence on them.

The latter part of the benefits of KYC as explained above is what we will focus on in this article as Software Developers. But first, what exactly does KYC mean for Software Developers?

KYC for Software Developers - What it means

Just as we have it in the finance sector, KYC is simply knowing who our customers/clients are as Software Developers in order to be able to serve them well. I’m sure you must have heard the saying “customer is king” 👑.

The truth is, we all have customers even as Software Developers, and wouldn’t it be great that we get to know our customers well enough in order to know how best to delight them?
So, the question is that “As a Software Developer, do you really know your customers”?

Do you know your customers?

Firstly, who is a customer? According to this Wikipedia definition, a customer is “The recipient of a good, service, product or an idea”. Using this definition in the premise of software development as developers, it means that whoever we render software service, product, or an idea to is our customer.

In this article, we are going to only explore KYC as it relates to 2 categories of developers.
1 Backend Developer
2 Frontend Developer (Mobile and Web)

Caveat ✋🏼

The end-user of the product is the ultimate customer of all Software Developers regardless of which side of the technology you work in. If you don’t put the end-user in mind while developing the product, you’re most likely just setting yourself and the team up for failure.

There is no product without the end-user, it is as simple as that so effort should be put into knowing them so as to develop a great product that meets their needs/wants.

Customers of a Backend Developer

The following people are the ones you should hope to delight as you work on the server-side of the product/application.

As a backend developer your customers are primarily the frontend developer, the product manager, and then the end-user of the product. Let's talk about how that is below 👇🏼

Frontend developer (Mobile and Web)

Since the frontend developer is the one who will be consuming your carefully crafted APIs and present your work in a more friendly way to the end-user, as a backend developer, you need to develop the habit of delighting the frontend developers on your team.

Putting the frontend developer in consideration when developing applications can actually help in developing better solutions on the server-side of things.

How well you satisfy your frontend developer(s) will have a direct impact on the end-user of the product. For example, if your endpoints have terrible response times, you will most likely frustrate the frontend person especially when some of these endpoints are ones with data that change very often.

In this case, even the end-user will be affected and there will be nothing the frontend developer can do about it. So, invest time in knowing them so that you can delight them 😉

image source

Product Manager

Equally, the product manager is the direct customer of a backend developer and you will need to deliver in a way to keep them satisfied as well. To put the product manager in mind is to carefully examine and understand the product requirements and vision of a product which in turn will lead to churning out better software.

Customers of the Frontend Developer (Mobile/Web)

As the frontend developer, you’re the closest person to the end-user and they are your number one customer alongside the product manager and the backend developer so you should take your time to know them and work to delight them.

End user

Since you’re the gateway into the application/product and like they say, “the first impression lasts longer”. Whatever experience you leave the user with during their first encounter with the product can be a determinant as to whether or not they will continue using the product so you should try your best to make sure you leave them delighted as much as possible.

Make sure you always advocate for the end-user at every available opportunity because they are the most important entity to the product and you are the one interfacing directly with them.

Backend Developer
Just as you are a customer to the backend developer so is the backend developer a customer to you. The relationship between you two is bi-directional so you should try to make their life easier the same way they should yours.
A good synergy must exist between you two to create an amazing product that your users will love.
Product Manager
Yes, the product manager is your customer and not your enemy as the frontend developer. Knowing your product manager well can help you understand their vision beyond the written requirements for the product which will in turn help in crafting out a better solution that will make everyone happy.

Conclusion

“Customer is king”, investing in knowing them will mean that you’ll be able to serve them in ways that keep them delighted and, a delighted customer is a loyal customer who will continue to sing your praise without paying them to do so.

image source

Even though in the software world, the word “customer” often refers to the end-user but the truth is in order to delight the end-user by our application via the code we write, we need to keep our internal customers delighted as well failure of which will have a bad ripple effect on our end user.

So, I’m putting it to you as a Software Developer reading this that you should endeavor to know exactly who your customers are both internal and external, and strive as you write your code to keep them delighted.

What case should your API request/response be?

Michael Owolabi — Thu, 11 Mar 2021 20:11:18 +0000

As a backend developer who writes APIs from time to time, I’ve always wondered if I am delighting my customers who in most cases are other developers when interacting with my APIs.
Thoughts like these always make me think about lots of things from performance, speed, etc. But very recently I started to think about how the final result of my APIs are formatted and how my supposed customers would prefer to have it. This, most times is not top of mind when writing APIs.

The programming language we use for a particular application usually determines how we structure/format strings. Generally, there are about 4 popular cases for naming things in different programming languages which are:

Camel case - JavaScript e.g firstName
Pascal case - Pascal e.g FirstName
Snake case - Python e.g first_name
Kebab case - Lisp e.g first-name

So the question is:
what should be the perfect case for the request/response object of my API?
What case do other developers using my API expect to see while interacting with my API?
Should the language I code in be the determinant of how my API request/response object case will be formatted?

These thoughts took me on a journey of API exploration. I don't think there is a better way to get an answer to this question than examining the documentation of some existing brands. Below is what I discovered👇🏼

What I’ve seen so far 👀

Stripe:
Stripe uses snake case for their request/response object across their APIs regardless of the language used. Take a look at their documentation page here

Monnify:
Monnify is a brand of TeamApt, a Fintech company just like Stripe based in Lagos, Nigeria. Monnify uses camel case for the request/response object of their APIs. You can have a look at their documentation here

Twitter
Twitter mostly uses snake case for the request/response object of their API doc at least the parts I’ve worked with. You can also take a sneak peek at their doc here

Eventbrite
Eventbrite just like Stripe uses snake case for their request/response API object. You can take a look at their doc here

Carbon
Carbon API documentation, different from every other one we have looked at uses a mix of snake case and camel case for their request/response object. This is the first time I am seeing anything like this. You can also take a look at their doc here

Conclusion

I must confess that I have seen more JSON-based API request/response object for many documentations in snake_case than any other case but I have also seen a fair share in other cases especially camelCase. I have equally written some endpoints that uses snake case and camel case in various APIs as well but I will also like to have your opinion on this subject.

P.S.

This is a very short article on a very focused topic through which I hope to drive meaningful conversation so do not hesitate to share your opinion on the topic in the comment section below.

Frontend Developers

As a frontend developer (mobile or web) what case do you expect to consume your API in or what is your most preferred case?
Do you use any library to convert your request/response object to your preferred case of choice should the API not be in that case?

Backend Developers

Does the language you write in determine what case your API request-response object will be?
Do you use any library to unify your API request/response case irrespective of the language? Care to share?

Ask questions, ask lots of it

Michael Owolabi — Mon, 28 Sep 2020 07:23:44 +0000

If there is one thing that software development has taught well, it is the fact that whatever you don’t know, you do not know. You cannot brag or pretend your way into building or fixing stuff in this field. You will end up ignorant and obsolete especially in this tech world if you’re not willing to sit and learn or humble enough to ask for guidance.

Contrary to what many think, it’s actually the smart people that ask questions. The unintelligent ones will never realize the need to learn what they need to learn in order to achieve their desired result. Some feel too big to ask for help while others are more concerned about what others will think than their own success.
Wake up from your slumber and don’t spend years on what should take you days to accomplish because you have refused to ask questions.

“The smart ones ask when they don’t know. And, sometimes, when they do.” - Malcolm Forbes

Why should you ask questions?

Apparently, if you’re the one who doesn’t like to ask questions then you might be in the wrong field because things change very fast when it comes to software development or tech in general and you cannot afford to keep struggling in silence while the world leaves you behind when you can easily ask the next person for help and save valuable time.

Saves you valuable time

Simply opening your mouth to ask questions can save you hours, days, or even weeks of frustration. There have been times when I’ve spent hours trying to fix a particular bug and kept on wondering why my code wasn’t working as it should, but when I call on someone else to help take a look, we got the issue resolved in less than 5 minutes. Now, I could have saved myself lots of valuable time if I had asked for help earlier.

Another way that asking questions can save you valuable time especially if you’re a beginner is that you will not spend your limited time learning what is irrelevant or outdated. There are tons of materials on the Internet today, but not all materials are beneficial to you when trying to learn or grow as a software developer in 2020 so save your self the stress and ask questions.

Saves you from making stupid mistakes

Mistakes are definitely inevitable and while we all make mistakes from time to time, you should not be among the ones who make stupid/avoidable mistakes on a recurring basis only because you have refused to ask questions. Majority if not all of the things you will ever try to do as a software developer have been done before so if only you can ask for help from those around you will not make avoidable mistakes. This is why standard/best practices were developed so that you will not make the same mistakes as the people before you. When you ask questions, you are literally standing on the shoulders of giants and thereby you will not make foolish mistakes.

Broadens your knowledge

“Questions and not answers create knowledge” that was the inscription on one of my faculty students association shirts while in the university. I have always thought about this statement from the first time I saw it on that shirt and I have come to realize that it is true.
It is indeed our curiosity for knowledge that always prompts us to ask difficult questions or any question at all and by doing that we unlock an enormous wealth of knowledge. When you ask questions, you learn new things or learn a new way of doing the same thing better and thereby broaden your scope of knowledge very fast.

Everyone (Experts, Colleagues, Mentors, Friends) has been saying this for too long

Ok ok enough of all that! Maybe you’re wondering what I am talking about and still not convinced that asking questions can give you an advantage in this field, that’s fine. You don’t have to take my word for it just know that some of those we call friends, colleagues, and look up to in this field have been saying this same thing for a very long time.
So, I’ve done you the favor of curating some of their tweets, just take a look at the gallery of tweets screenshots below and see why it is important for you to ask questions in their own words.

What you can do to help

Different people have different reasons why they choose not to ask questions but the majority are just more concerned about what others will think or say about them asking questions. While this shouldn’t be an excuse per se, it is a fact that we can create an enabling environment where individuals feel free to ask questions without being labeled or made to feel as though they are dumb.

In order to achieve this we must all ensure that when people ask questions, we don’t judge them either by our words/actions and that we don’t put people down directly or indirectly for asking questions but rather encourage and create that enabling environment where others are free to ask.

Conclusion

You have limited time and there is so much to learn as far as software development or tech in general is concerned. In fact, it is impossible for one person to know it all but the only chance you have not to waste your limited valuable time and make avoidable mistakes is by asking questions. Be humble enough to admit things you don’t know and summon the courage to ask for help.

My challenge to you after reading this is to imbibe that culture of asking questions and you will be surprised how much people are willing to help only if you ask._

If you like this article, kindly share with your network so that others can benefit as well. I can also be reached on Twitter @iMichaelOwolabi

Redis Data Structure Part 1

Michael Owolabi — Sat, 01 Aug 2020 13:56:31 +0000

One of the outstanding features of Redis that make it is so loved among the developer community is the speed at which various operations are carried in a Redis database. So many things contribute to this efficiency in speed but one thing at the core of Redis regardless of how one chooses to look at it is its robust data structure.

The performance of every application that uses Redis is directly tied to how the application implements the various Redis data structures.

In this article, we are going to examine various data structures in Redis so as to give us insight on when it’s best to use which of the available data structures so that we can take full advantage of all the goodies Redis has to offer in our applications.

Prerequisites

To get the most out of this article, I strongly recommend that you get a copy of Redis for your computer here OR use the online Redis server at https://try.redis.io/ to try out simple commands that will be used in the course of this article.
Basic knowledge of Redis

Redis Data Structures

Below, we will examine a few of the data types that we have in Redis.

To get the type of value a key holds in Redis you can use the type command to do that as shown below.

type key1

String

This is the base and simplest data structure in Redis that can be associated with a key. Strings in Redis are binary safe and support polymorphism which means that a string key can be modified to hold binary, integer, or even floating-point values. String in Redis has a limit of 512 Mb data size that can be stored in them.

Common commands and operations in Redis String

SET
This is the command used to set or declare a Redis key to hold a string data type.

set day Saturday
set name “Michael Owolabi”

Notice that I quote the value in the second example. We use the quote to group string that contains spaces in them.

GET
This can be used to retrieve the value stored in a string Redis key.
Get name will return the value “Michael Owolabi” that was set earlier.

INCR
This command is used to increment the value of a key by exactly one (1).
This is possible if the actual value of the key is a number. Remember that we said Redis strings are binary-safe
E.g.
Set price 10
Incr price
Get price returns 11 because its value has been increased by one.

The full list and detailed explanation of various Redis String commands can be found here

Hashes

A hash can be likened to objects in JavaScript or dictionary in Python or generally a JSON-like data type. It is like a mini key value stored within a Redis key.
A hash can have as many field-value pairs as possible until the size limit of a hash is reached which is 232 - 1 field-value pairs (more than 4 billion).

Redis hash is good for storing JSON like data especially when we’ll be working with the individual fields in the hash.

Common commands and operations in Redis Hash

HMSET
This is used to set the field-value pair of a hash key in Redis
e.g

hmset user:1 firstname Michael lastname Owolabi sex Male

This is the equivalent of a JSON structure like so:
{
"user:1": {
"firstname": "Michael",
"lastname": "Owolabi",
"sex": "Male"
}
}

HGET
This is used to retrieve the value of a single field in a Redis hask key. For example, suppose we want get the firstname of user:1 we’ll use the hmget command as below:

hmget user:1 firstname

HGETALL
Instead of retrieving the individual field value, this command is used to retrieve the entire field value in a Redis hash key.

hgetall user:1

The full list and detailed explanation of various Redis hash commands can be found here

List

This is an ordered collection of elements. Redis list is similar to Arrays in Ruby or JavaScript but differs in that it is implemented using a linked list. Lists in Redis provides a simple way to implement queues, stacks, and other data structures that rely on ordering.

Common commands and operations in Redis List

Unlike String and Hash in Redis, we don’t set a list instead we add or push elements on to the list

LPUSH
This command is used to add an element to the list from the left. The L in the command denotes that we want the new element(s) to be added to the list from the left.
For example, suppose we want to add numbers from 1 through 10 to a number list from the left we do it by running the command below:

lpush numbers 1 2 3 4 5 6 7 8 9 10

Since Redis list is zero-indexed, this means that element at index zero is 10 and the one at index nine is 1 because the elements are added from the left.

RPUSH
This is simply the opposite of the LPUSH command. It adds elements to the array from the right instead of left as we have in LPUSH.

LRANGE
This is used to retrieve elements of the list using a range.
To retrieve all the elements of a list specify the range from 0 to -1 which is the end of the list.

lrange numbers 0 -1

To get the element at a specified range or index specify the desired start and end index for elements you want to retrieve.
Lrange numbers 0 0 will return the element at index zero (0).

LLEN
This returns the length of the list.
llen numbers will return 10 since we have ten elements in the list.

The full list and detailed explanation of various Redis List commands can be found here

Set

The set data structure in Redis is an unordered collection of unique strings.

Common commands and operations in Redis Set

SADD
This command adds a new element or elements to the set e.g SADD cities Lagos Ibadan Accra will add three elements to the cities set.

This command only adds unique elements to the set, so for example, if we have repetitive numbers in an SADD command, only one of the repeated numbers will be added to the set provided the number does not already exist in the set.

SMEMBERS
This is used to retrieve all the elements of a set. This command is a total blocking command that will only release system resources until all the elements of the set have been retrieved.

smembers cities

SSCAN
This is also similar to SMEMBERS command but only that this command runs iteratively or asynchronously without holding on to the system resources until all elements of the set have been retrieved.

SCARD
This command is used to get the length of a set or just the total number of elements in a set.

scard cities

SREM
This command is used to remove one or more elements from a set by the value.

SREM cities Accra

The full list and detailed explanation of various Redis Set commands can be found here

Sorted Set

This is basically a set only that a score is assigned to unique elements as a form of ordering so this means sorted set can be unofficially called an ordered set.
If two elements in a sorted set have the same score, then the tie is broken by the lexical order of the elements in the set.

Note:
The score associated with each element is a floating-point number so even if an integer value is provided as the score of an element, it will be automatically converted to a float.

Common commands and operations in Redis Sorted Set

ZADD
This is used to add an element or elements along with their score to the set.

zadd student-score 98 Michael 82 Bisi 78 Hamdallah 85 Chigozie

ZRANGE
This retrieves the elements of a sorted set

zrange student-score 0 -1

ZRANGEBYSCORE
This returns elements of the set based on their score. For example, suppose we want to find the students who scored 90 and above we can do it by using the zrangbyscore command as shown below:

zrangebyscore student-score 90 +inf

We can use -inf and +inf to denote a range especially when we don't know the bound of values.

ZSCORE
To get the score of an element in a sorted set, we use the zscore command. Suppose we want to get the score of Hamdallah in our sorted set we use the zscore command to achieve that as follows:

zscore student-score Hamdallah

The full list and detailed explanation of various Redis Sorted Set commands can be found here

Conclusion

The knowledge of the Redis data structure is very vital to building a very efficient Redis based applications. Redis is fast and very efficient but with appropriate use and application of its data structures.

If you find this article interesting, don’t forget to drop a ❤️ and use the comment section for any further comments.

Coding Convention: Why your team should adopt one quickly

Michael Owolabi — Thu, 16 Jul 2020 16:21:30 +0000

Your team needs to adopt its coding convention and do it quickly. This is a case of either do it or suffer the consequences.

I am sure you have seen various arguments on issues like tab and space, snake_case and camelCase (DB related), naming convention, etc all these and many more are issues you will eventually have to address whether early on by adopting a team coding convention that will serve as a guide and ensure that everyone can sleep well at night or later on in the development stage where you have to do some tear-down and re-building because you have failed to address an important issue early on.

What is coding convention?

These are sets of guidelines adopted by a software development team which enables the team to write consistent and easy to understand code by all team members. Usually, a team’s coding convention is a set of guidelines which is a document that guides not just how variables and methods should be named or the number of spaces that make a tab but which can also include the overall structure of the code and choice of design pattern used.

Notice that I called it adopted because, in many cases, you will not have to define all these guidelines from scratch but rather use one or a mix of the existing conventions in your team.

A note on best practice

The fact that various best practices at best are silent on some salient issues, then your team needs to develop exactly what is best for it.

Nothing is best about best practices if it does not benefit your team

Why your team should adopt one fast

Adopted team coding convention ensures that the team writes consistent code which means that there will be less back and forth among team members about code clarity.

Image source

It helps new team members onboard quickly because they can always have some sort of guide while looking at your codebase in a bid to understand it to be able to add valuable contributions thereby reducing the Turn around Time for delivery and increasing throughput.

It helps in code maintenance. Having uniformity in codebase helps because everyone understands exactly where to find various pieces of code across the codebase and this helps greatly in maintenance.

Faster debugging. When you know where to find what, part of the problems is solved while debugging since you won’t have to start troubleshooting to know the exact location of various files/code in the codebase because there’s a certain way that your code is structured which is clear to all team members.

In general, adopting a team coding convention/guideline early on in the development process helps the team to work more efficiently than when each team members have their different styles which can lead to a problem when trying to integrate various parts of the codebase.

The chaos to expect if you fail to do so.

At best, you are the only developer in your team and you hope to leave as soon as the team starts to expand, by that, new developer team members won’t have your head 😂

Image source

Not having or adopting a particular coding convention for your team will lead to delay in development time because part of the time will be spent on arguing what is actually best from individual perspectives while in reality most of these things are really just based on preferences.

Debugging nightmare
Because you are not exactly sure how the other team member has structured his or her code, so much time can be wasted trying to find where various files are in order to be able to use them in debugging.

Useful Tools

Here are some nice open-source tools that can help in enforcing team coding convention. Although it may seem a little not convenient at first, it will be a great time saver in the long run.

Linters: ESLint (JavaScript)

You can find various linters for your equivalent programming languages, they practically do the same thing. If you would like to know how linter works check here

Style guides: (Airbnb - JavaScript, PEP 8 - Python, Google Java style guide - Java)

These are predefined guides that you can adopt for your team and integrate with your linter to the hard work of ensuring every line of code adheres to your adopted team’s coding convention.

In conclusion, whether you choose to address the issue of coding convention early on in the development stage or you leave it to chance and at the mercy of individual team members, one thing is sure, you will still have to address it at some point in your development journey and one will be costly while doing it at the early stage will be beneficial to all.

Your email could be your biggest career advancement enemy

Michael Owolabi — Tue, 30 Jun 2020 16:27:08 +0000

My email is usually one of the first things I look through in the morning to check for anything new overnight. Recently, I was having not less than 15 unread emails in my inbox for about 5 consecutive days and I wasn’t feeling comfortable with it. All I do during these times is just to quickly scan through my mail for anything important and new and I could easily miss things this way.
So, after about a week, I decided I was going to take the time out to correctly sort out my personal email, not just my inbox but my entire email and that was exactly what I did. While doing that I discovered something shocking and that is the reason I thought to write this article and I hope that it benefits and charges you to change your habit towards your email.

What I discovered

As I was taking my time to properly sort my mail moving from tab to tab (by the way I use Gmail) I finally clicked on “All Mail” and was shocked to see tons of unread emails that never made it to my inbox and some even carried the inbox flag. So I continued the email sanitation by deleting irrelevant emails and clicking the unsubscribe buttons whenever necessary.
Just as I was doing this, I came across two mails that didn't look like marketing or spam so I decided to take a peek into its content and alas! my suspicion was true in the two instances.

The two mails were interview invitations from two organizations, one local, the other foreign. I was dumbfounded for a little while because the emails have been sitting somewhere in my mail for over four (4) months and that was the first time I was seeing it.
On looking closely at the timeframe of the emails, it was around the same time I was out of a job and was looking for new opportunities. During that time I had sent out multiple applications and reached out to my network for a new job.

Eventually, when I did some research about the two organizations, I discovered that I never directly applied to them which means someone had dropped my contact as a form of referral at the companies and you know what they say about referrals when it comes to job search 😭.

Yes, just like that, it dawned on me that I had missed what could have turned out to be an interesting opportunity had all mails carrying the inbox flag actually did make it to my inbox or had I made a habit of always checking all emails instead of just the ones that make it to my inbox and spam.

image source

Why did I say your email could be your biggest career advancement enemy?

Come to think of it, email is the professional means of communicating official information between different parties. What this means is that if you’re going to get a new job or contract you will most likely get to know via an email, likewise, if you’re being promoted or probably getting a raise it will definitely be accompanied by an email, the same is true even for business owners/entrepreneurs.

Moreover, With different anti-spam algorithms flying around chances are that some of your important emails may be wrongly classified and never make it to your inbox. If you are like me who prioritizes my inbox and rarely check spam or other tabs quickly enough, you might miss out on great opportunities.

However, there are other times when our emails aren’t wrongly classified but we are just too lazy to read and properly sort our mails and by that, we have so many unread emails at the same time making it very easy for important ones to get lost in the stack of read/unread emails. In this case, it is not the email service providers that are hampering your professional progress. It is you due to your bad habit towards your email.

Image source

I know some might be thinking, “of course, I’ll pay better attention when applying for a new job or when I have something important on the way”, this can not be more wrong. There are times when you might have been referred or otherwise and a great opportunity would just be missed because you are never in the habit of tidying your email until you have something on the way.
This is even more terrible because your bad email habit coupled with some wrong email classifications is a recipe for professional disaster.

I did a poll on Twitter barely 24 hours to publishing this article regarding how people miss opportunities because they got to see email a little too late and the result I got was alarming. From the result, 65.4 % of the respondents said they have missed opportunities due to seeing email a little too late. That’s some very scary percentage. Here is the link to the poll https://twitter.com/iMichaelOwolabi/status/1277699498190483457?s=20

How can this be resolved 🤔?

Now that we have identified some of the reasons that may be contributing to missing great opportunities emanating from our emails and its usage, below are the mitigating steps that can be taken to ensure we don’t miss great opportunities to poor email management.

1. Check all emails, not just the ones in your inbox

Just like I stated earlier that as a Gmail user, even some emails with the inbox flag did not appear in my inbox and I did not get to see them until I checked the All mail section so also can your important emails be wrongly classified and placed under a different tab than your inbox so, always ensure that you check all emails from all tabs so as to ensure that you do not miss a great opportunity due to wrong email classification.

2. Read your emails daily

There’s no fun in having tons of unread emails and increasing the chance of missing important ones. Make a habit of actually reading your emails daily. Not just logging into your email system and scanning through, but properly reading them and deleting unnecessary ones so that it becomes easier for you to spot new emails one of which may come bearing good news of juicy opportunities.

3. Unsubscribe often

Yes, I said it. Most of the emails we get are usually some marketing related stuff that does not directly have anything to do with us or help our career in the shortest time possible. Be truthful to yourself while wielding the “axe of unsubscribe” and properly weed out all mail correspondence that is not beneficial to you in any way. Also, swiftly click the unsubscribe button because if you don’t, these are the ones that will mask important emails thereby increasing your chance of missing out on what could be a life-changing opportunity.

Conclusion

Emails will continue to be an important part of our professional lives and we must be deliberate about using it well to our advantage. Failure to do this may gravely impact our careers and what should have been a great tool for us could easily turn out to be our biggest career advancement enemy.
So:

Check all emails not just the ones in your inbox

Read your emails daily

Unsubscribe often

If you have other great tips, feel free to share it in the comment section. I can also be reached on twitter via @iMichaelOwolabi

Why you should learn Git 📌

Michael Owolabi — Fri, 05 Jun 2020 17:18:44 +0000

This article is about why I think everyone (Software Developers) should learn Git but before we delve into this proper, I want us to explore briefly what Git is.

Fun Fact 😊

Git was developed in 2005 by Linus Torvalds majorly for the development of the Linux kernel after a fallout between the Linus team and the Bitkeeper proprietary DVCS solution provider. More about that here

What is Git❓

Git is an open-source distributed version control system used for tracking changes in source code during software development. It is designed for coordinating work among programmers, but it can be used to track changes in any set of files. Its goals include speed, data integrity, and support for distributed, non-linear workflows. wiki

If you examine the definition above well, you’ll notice that Git is all about collaboration (coordinating work among programmers), integrity (tracking changes), etc. In Git, if it’s ever commited it will be tracked.

 "If it’s ever comitted it will be tracked"

Source

Now that we have refreshed our memory of what Git is, let us talk about why you should learn it ASAP.

Why Git❓

As software developers, whether you are hoping to build the next thing that will change the course of history or you just want to know enough to make ends meet, chances are you will not do this alone which means you need others to actualize that dream. If you fall anywhere within this wide spectrum then you need to learn git as soon as possible.

Git is the most popular distributed version control system

Since my career in software development, I have never seen a job requirement that required any other form of DVCS than Git. As a matter of fact, more often than not you will not see Git as a requirement for most job descriptions because it is mostly assumed that as a Software Developer, you should already know and be using Git.

"Git is the most popular DVCS"

You will work with others 👥

Another reason you should learn git and learn it now is that you will most likely have to work with others either as part of a team in your job or just to collaborate with others in developing various software products. When it comes to collaborating among software development teams in tracking source code changes, nothing does it better and as smoothly as Git.

"...nothing does it better and as smoothly as Git."

Git is not as hard as you think 💪🏾

For many people, the reason they defer learning Git until much later is because of the impression that Git is a hard concept and that they need to memorize a whole bunch of various git commands to get going. This is not true❗️
The Git commands you will most frequently use are just very few and once you start using them, you’ll see that it’s just a breeze 👌🏾.

Remote is becoming the norm 👩🏽‍💻

Gone are the days when software development teams are constrained by physical proximity when all the members must be co-located in the same location to get work done. Remote work has been around for a while but it is getting more and more popular by the day. The current reality of the Covid-19 Pandemic has also massively accelerated the adoption of the remote culture and if you’re going to thrive as a software developer working remotely, you need to have a good command of basic Git.

The above are a few of the reasons you should learn Git and learn it NOW.

Want to begin your Git adventure already? below are some great resources that can help you quickly get started:

https://product.hubspot.com/blog/git-and-github-tutorial-for-beginners

https://git-scm.com/book/en/v2/Getting-Started-What-is-Git%3F

https://try.github.io/

https://www.freecodecamp.org/news/what-is-git-and-how-to-use-it-c341b049ae61/

https://www.youtube.com/watch?v=SWYqp7iY_Tc

https://www.youtube.com/playlist?list=PL4cUxeGkcC9goXbgTDQ0n_4TBzOO0ocPR

You can also follow @unseenwizzard here on DEV, he's a git guru and has some nice contents on the subject

Let me know what you think in the comment section. If you love this article don't forget to drop a ❤️ and share it within your network. I can also be reached on Twitter via @iMichaelOwolabi

How to Implement Login with Google in Nest JS

Michael Owolabi — Thu, 30 Apr 2020 17:18:55 +0000

In this article, we are going to implement (OAuth) login with google in Nest JS. Coming from Express, implementing OAuth in Nest JS may seem not so straight forward especially when using the general passport module because, in Nest JS, so many things have been implemented and wrapped in various nest modules that can be used out of the box by developers building in this awesome framework. While this is is a very good thing, you have to take the time to figure out how some of the regular things work differently in Nest.

Nest JS uses Typescript but allows the use of vanilla JS so it does not really force developers to write in typescript.

Nest is built on the popular Express framework and some of the concepts are very familiar but if you have never worked with Nest and want to get more from this article then I suggest that you take a few minutes to familiarize yourself with the framework here, the overview section will definitely get you going quickly.

Prerequisites

To follow through this tutorial you must have the following:

Node JS
NPM
Web Browser
Code Editor (VsCode)
Gmail Account

If you don’t have Node.js installed just head on to the official Node.js website to get a copy of Node.js for your platform. Once you install Node.js you will automatically have npm installed.

Getting Started

To get started, we are going to scaffold a new nest project using the nest cli so we’ll install it globally by running the following command on the terminal:



npm i -g @nestjs/cli

Creating a new Nest project

Since we have just installed nest cli globally, we can use it to setup a new Nest project server by running the following command:



cd desktop && nest new google-login && cd google-login

Open the generated project folder in your editor of choice which should look like the one below:

Install dependencies

For this project we will be using passport, dotenv to manage our environment variables, so let’s install them by running the following:



npm install --save @nestjs/passport passport passport-google-oauth20 dotenv
npm install -D @types/passport-google-oauth20

Test the server by running: ```npm

run start:dev


Now open up your browser and type the localhost URL on which Nest is running **‘localhost:3000/’** you should get **Hello world** just as shown below:

![Alt Text](https://dev-to-uploads.s3.amazonaws.com/i/an1wvy071ct9rgbscgi3.png)

Now we are good to go 🚀

### Create the Google Application

To use google OAuth we have to create an application on google developer console hence the need for the Gmail account. Visit [https://console.developers.google.com/](https://console.developers.google.com/) and create an application which we will use to set up the authentication in Nest JS. So when you visit the google developer console URL you should see something similar to the screen below

![Alt Text](https://dev-to-uploads.s3.amazonaws.com/i/gfwevy9t1tmjuzug40gw.png)


Click on **“NEW PROJECT”** and fill in your desired name and then click the Create button.

**Set Project Consent Screen**

The project consent screen is what is displayed to the user whenever they want to use our google application to login to our system. To set the consent screen 
click “OAuth consent screen” menu at the sidebar

![Alt Text](https://dev-to-uploads.s3.amazonaws.com/i/yoi62c37kbw01gnx2mmf.png)

Select External so the application can be used by any google account and then click **CREATE**.

On the consent screen, make sure you only fill the “Application Name” and nothing else since this is just for testing purposes. If we are creating a live application then other fields can be filled which will then need to go through the approval process. Click save when you are done.

**Get App credentials**

To get our app credentials which will be used to authenticate the app with google API click on “Credentials” menu at the sidebar.
* Click Create credentials and select OAuth Client ID
* Select Web applications on the next screen then fill the Authorized JavaScript origins and the redirect URI.

The Authorized JavaScript origins refers to where our request will be coming from which in this case is localhost, so enter **http://localhost:3000** and for the Authorized redirect URIs enter **http://localhost:3000/google/redirect**.

Kindly note that the redirect URI simply refers to the particular endpoint in our app where google will return the response after authenticating a user.
Click save when you’re done. You should get your app credentials from the screen below

![Alt Text](https://dev-to-uploads.s3.amazonaws.com/i/wsndg61fgc97gmq2ltvx.png)

Copy the credentials and save it somewhere because we are going to use it in our app.

### Setup Google Login (OAuth)
The first thing to do is to setup the google strategy which is the core of our google login implementation. Create a file named google.strategy.ts in the src folder and add the following code into the file.


  


In the code above, we loaded in all needed dependencies and then created a GoogleStrategy class as a sub-class of the PassportStrategy class. Every individual class that we define which uses passport must extend the PassportStrategy class which is a dedicated module from the ‘@nestjs/passport’.

We then pass in all the required parameters for the google strategy.

CLIENT_ID and CLIENT SECRET are the application ID and SECRET we got from google when we created the application which was loaded in through the environment variable.

CallbackURL is the particular endpoint in our app which google will return control to after authenticating a user. Remember we defined this also on google while creating our application.

Scope refers to the set of user information that we require from google needed in our app. In this case, basic user information captured in the profile and the user email.

The validate method refers to the verify callback function that will be executed after google returns to us the requested user information. This is where we decide what we want to do with the user information, in this case, we are just extracting and formatting the information we need from the returned user profile and adding it to the user object which will be available on the global request object. This is done by calling done and passing into it null (which means no error) and the user object.

Don’t forget to add the environment variables just as shown below in a .env file at the root of the project:



Note:

We could easily do all we want to do with the user information in the strategy file but Nest JS is very big on Single Responsibility Principle and since ordinarily in a live application, we will most likely want to save the user information in the database, such kind of actions is dedicated to something called services in Nest JS.

Setup the Controller, Route, and Service

For us to be able to login with google, we must setup the appropriate endpoint in our application and this is the job of controllers in Nest JS. To do this, open up the app.controller.ts file in the src folder and replace the content with the following code.


  


In Nest JS, routes can be setup at the controller level and/or at the request method level so in the code above we setup the google login route at the controller decorator level which means that every request in the controller will go through the google endpoint. You can read more on routing in Nest JS here

The first Get request is the endpoint that activates the google authentication through a special Guard from the “@nestjs/passport” module placed on the endpoint called “AuthGaurd”. We pass in ‘google’ as the argument to this AuthGuard to signify that we want to use the google strategy from the passport module to authenticate the request on this endpoint.

The second Get request refers to the second endpoint where google will redirect to (redirec URL) after authenticating a user. This endpoint also uses the special AuthGuard. After the done function in the validate method from the google strategy file is called, control is returned back to the googleLogin function on this controller. Let’s create the googleLogin function.

Open the app.service.ts file in the src folder and add the following code


  


Here we are just returning back the user information from google which was added to the request object from the validate method in the google strategy file.

Bringing it all together

As of now, our application still doesn’t know of the google strategy that was setup, so we need to make it available in the app module before we can use it.

Open the app.module.ts file and add the google strategy as a service in the provider array. Your app module file should look like the one below


  


  
  
  Testing Our App


Start the app by running ```npm

run start:dev

Launch any browser on your computer and visit the google endpoint at localhost:3000/google

You should see something similar to the screen below

User information from google after login is shown below

Congratulations! You have just successfully implemented Google OAuth (Login with Google) in a Nest JS application.

Completed code can be found here: https://github.com/iMichaelOwolabi/google-oauth-nestjs

You can drop your comments here if you have one and for further engagements, I can always be reached on Twitter @iMichaelOwolabi

How to know You're ready for a Software Developer job as a Beginner

Michael Owolabi — Sat, 18 Apr 2020 16:58:39 +0000

So you’ve been learning to code for a few months, finished from a Bootcamp or just fresh out of grad school and you’re wondering if you should send out that application because you’re not sure if you’re ready. This is the dilemma many of us find ourselves when trying to get our first software developer job. This can even be the case when trying to change jobs or applying for a more senior position than our current level.

This is especially a tough case for those who are self-taught without any form of degrees or boot-camp experience, there is always the extra worry of not having a degree, but hey, this is not medicine where you need a license to practice. I know you must have heard this before but let me re-emphasize it that you can get a great software development job without any form of degree.

Taking that out of the way, so how do you know if you’re ready for a job as a beginner? Well, I’m happy to announce to you that you will never truly know until you send out that application, get that interview, get rejected, learn from rejections, repeat until you get a befitting organization lucky to have such a great person as yourself.

Anything else you get from this article that doesn’t end with you taking that leap of faith and sending out that application is a total waste of time. This is very important because you can spend years on tutorials and documentation, and not feel ready.

So then, let us look at some ways to brace up and boost our morale leading to sending out a great application for that job you think you aren’t ready for.

Find a Support System.

If you can self motivate all of the time that’s fantastic. But since most of us can use a little “pat on the back” alongside some nudge every now and then, it is very important that you find a support system. This could be a friend, colleague, mentor, community, anyone or anything you can draw strength from which can help get you going even when all looks bleak.

This is very important because victory only lies in not giving up and to not give up in spite of challenges requires motivation, getting motivated is where the support system plays a role. I know this seems obvious but you need to ensure that whatever support system you get is one that lifts you up and not one that puts you down.

Learn more | Code more | Build more

Having completed a boot-camp, graduated, or completed some form of personal learning. This is not the time to relax and go on a coding sabbatical while hoping to secure your first software development job. In contrast, this is the time to continue to solidify your knowledge through continuous learning, coding, and building as much as you can.

I can’t think of a more confidence booster than getting your hands dirty in code. The more you learn, code, and build, the more confident and ready you are for that job as a software developer.

Danny Thompson @dthompsondev put it so well in a 39 seconds video posted on his twitter page. Kindly take out time to watch the video here

Invest in Soft Skills

You’ve studied and are very confident in your skills, you just graduated with spectacular grades or maybe you’ve just finished from a very intense boot-camp and you’re literally beaming code. That's great, but how are you going to convince the hiring manager you’ve got what it takes if you cannot communicate it properly?

As software developers, we are first humans and are not separated from the rest of the world so we have to know how to relate with others, communicate properly, listen and not just hear stuff. So as you’re are building your technical muscles you should also find time to build various soft skills that will not only ensure that you secure that job, but also help you retain it.

Your exceptional soft skills may be the differentiating factor between you and the next great software developer who also applied for that job so find the time to work on your soft skills.

Remember

You can prepare for several months or even years and still not feel ready for a software development job because there will always be something that you don’t know. So as a beginner who has put in the time to learn either as self-taught, from boot-camp, or a graduate. The key is in sending out the application regardless of how unsure you think you are.
Find you a support system that motivates rather than de-motivate you, learn more | code more | build more, and invest in soft skills.

You definitely will never know if you’re ready or not until you send that application, get that interview and finally get that job.

Image Sources:
https://www.technojobs.co.uk/info/developer-guides/software-developer-job-description-template.phtml

https://giphy.com/

DEV Community: Michael Owolabi

Build a Passwordless Authentication in Node.js on Redis

Prerequisites

Getting started

Install dependencies

Redis Enterprise Setup

Visualizing your data

Connecting your Redis DB from the App

Building the Passwordless Authentication

Setting up email service

Bringing it altogether

How to build an event management application in Node.js + React on Redis

Prerequisites

Getting started

Install dependencies

Redis Enterprise Database Setup

Visualizing your data

Connecting your Redis DB from the App

Building user authentication into our event manager app

Building the event module

Modeling the data and creating the index

Building the event management platform on Redis

Building the frontend of our event management app using React.

Caveat

This is why your Node.js application is slow

So, what is the problem with async/await? You ask.

Does this mean related/dependent promises should block each other?

Blocking the event loop 🚫

Conclusion

Further Reading:

KYC for Software Developers

KYC for Software Developers - What it means

Do you know your customers?

Caveat ✋🏼

Customers of a Backend Developer

Customers of the Frontend Developer (Mobile/Web)

Conclusion

What case should your API request/response be?

What I’ve seen so far 👀

Conclusion

P.S.

Ask questions, ask lots of it

Why should you ask questions?

Saves you valuable time

Saves you from making stupid mistakes

Broadens your knowledge

Everyone (Experts, Colleagues, Mentors, Friends) has been saying this for too long

What you can do to help

Conclusion

Redis Data Structure Part 1

Prerequisites

Redis Data Structures

String

Common commands and operations in Redis String

Hashes

Common commands and operations in Redis Hash

List

Common commands and operations in Redis List

Set

Common commands and operations in Redis Set

Sorted Set

Common commands and operations in Redis Sorted Set

Conclusion

Coding Convention: Why your team should adopt one quickly

What is coding convention?

A note on best practice

Why your team should adopt one fast

The chaos to expect if you fail to do so.

Useful Tools

Linters: ESLint (JavaScript)

Style guides: (Airbnb - JavaScript, PEP 8 - Python, Google Java style guide - Java)

Your email could be your biggest career advancement enemy

What I discovered

Why did I say your email could be your biggest career advancement enemy?

How can this be resolved 🤔?

1. Check all emails, not just the ones in your inbox

2. Read your emails daily

3. Unsubscribe often

Conclusion

Why you should learn Git 📌