DEV Community: Lenny Zeitoun

How to create your own password generator in under 10 lines of code using NodeJs

Lenny Zeitoun — Thu, 23 Jun 2022 15:50:16 +0000

Why are we doing this

As we've all noticed lately, websites and apps have become stricter about your account password, which must meet the following minimum requirements: 8 characters long and be a mixture of alpha-numeric characters. Moreover, with latest versions of IOS and Android, they created a whole system where you can find all passwords considered as 'weak' and if one of your password has appeared in a data leak they'll alert you.
I have a saying:

If something already exists but you feel capable of doing it yourself then do it !

What I really mean behind this statement is that it doesn't matter that it already exists because the version you have in mind (with all its complexity) doesn't exist, and that's the point: by turning the idea into an application you'll get a better understanding of how things actually work, which will give you not only technical skills but also conversational skills hence giving you the opportunity to teach someone else (which is for me, the most valuable asset in life).

Requirements

NodeJs installed on your computer, if it's not already done, here are the ways to set it up:
- Simplest solution: Using nvm
- From official source: You can download it from here
- Using a packet manager:

Using apt-get

# The first step is to update your system
$ sudo apt-get update

# Then run
$ sudo apt install nodejs
$ sudo apt install npm

# Finally test installation using
# It should output the currently installed version of node & npm
$ node -v 
$ npm -v

Using Homebrew

# The first step is to update your brew local cache
$ brew update

# Then run, it will install both nodejs and npm at the same time
$ brew install node 

# Finally test installation using
# It should output the currently installed version of node & npm
$ node -v
$ npm -v

Getting started

First things first we are going to create a new file in our bin folder, I decided to use the one located at ~/.bin, doing so will let you call our password generator script from anywhere you want.

I am assuming that the ~/.bin/ is already registered and exported in your global environment variable $PATH. If not, then heads up to your terminal, mkdir ~/.bin, then edit your shell configuration file ( egc: ~/.bashrc, ~/.bash_profile, ~/.zshrc, ~/.zsh_profile...) by happening at the end of it export PATH=$PATH:~/.bin.

Once this is done, heads up to our ~/.bin/ folder and create a file using touch command, let's call it createPassword.
Now, open the file in your favorite code editor, I'll personally use VsCode by doing code ./createPassword. If everything is set up correctly you should have a blank page by now named after the file you created earlier, now let's dive in the code for our password generator.

The script

As you may know, NodeJs has a powerful builtin cryptographic library called crypto, let's import it:

const crypto = require('crypto');

To make sure your installation of node is working I suggest you to run node NAME_OF_THE_SCRIPT, if it doesn't throw any error then you are all settle.

Now, what we are looking for in a password generator is its strength and robustness. We can simplify that concept by assuming that the longer it is the better. We then need a way to tell the generator how long we want the output password to be ? In our case we will use arguments. Now add this line:

let args = process.argv.slice(2);

We slice the arguments received in order to extract the custom 'parameters' (in our case, a number that we will call 'length')

Now we can create a variable in our script, called length. Its value will be equal to the Number we pass to our script.

const length = Number(args[0]);

Note that we cast our argument to Number because when we receive it from the terminal it's of type String

Next and last step is to check if our parsed number return a number and not an error (or NaN). If so, we simply call the crypto library and generate a random password else we alert the user that he didn't pass a correct parameter to the script. The condition looks like this:

if (typeof(length) === 'number' && !isNaN(length)) {
   const pass = crypto.randomBytes(length).toString("hex");
   console.log(pass);
   process.exit(0); // No errors
} else {
   console.log('Error: Param must be of type number');
   process.exit(1); // Error
}

If we put everything together, our script should look like this:

Well, that's it, hope you'll enjoy this small tutorial on how to create a password generator in under 10 lines of code using NodeJs.
'Till next time 😉.

A little bit more about me:

I'm Lenny, senior software engineer, Founder of ZCorp focused on Consulting for helping people to develop and grow their ideas into a reliable, rewarding and profitable business.
Here are some links to my networks:

GitHub
Linkedin
Dev.to

How to improve the efficiency of git commits in a remote team ?

Lenny Zeitoun — Thu, 03 Mar 2022 18:34:19 +0000

Why this article

As we dive further into 2022, I thought it was a good time to make a recap of 2021 in terms of tools and technologies that I've put in place as a CTO in a growing (startup) agency.

Covid-19 has, for sure, been a rough time. People had to re-think their infrastructures, how they work, how they communicate and more basically, how they interact and stay organized while being in quarantine. But because of that, it brought new challenges and thus, new opportunities to startup like ours.

Communication is the key

When it comes to organization in a team, most of the time, problems come from a lack of (efficient) communication.
For example, when managing multiple projects at once or working with developers around the world using different technology stacks, you are required to be as thorough as possible in order to keep track of what have been/need to be done. Here starts the problem, even though you can be extremely organized (I've, myself, been using dozen of apps for this kind of purpose, I'll publish an article later on my thoughts & findings), if only one link in the chain lacks rigor, the entire organization is compromised !

My take on 'cutting the man in the middle'

As logical as it is, when you need to rely on someone else, you become dependent on his skills and organizational system, thus, if he misses to keep in touch with you about his latest achievements (egc: push on a git repo to fix a bug, new feature, pull request...), there is an impact on the time it takes to accomplish common actions (code review, merging features).

Here is a schema representing what a feature integration looks like with the given problematic

When I understood that I could not control how other human being manage their time and organization, I asked myself 'What can I do to fix this ?', the answer was pretty obvious, I needed to create kind of a bot, acting as an intermediary between me and the developers.
Well, as you can see, it's not so much about cutting the man in the middle but replacing the man by the bot !

Here is the schema representing the optimized workflow using the bot I created as a replacement for the human (report) interaction

Creating the perfect assistant

The following list contains (mostly) all the informations I'm looking for when one of our developers make a commit:

User making the commit
Commit date (localized)
Get a clear report on what have been done.
Which type of modifications we are looking at (feature integration, bug fix...).
Which files have been edited.
Number of modifications, number of changes (additions/deletions)

Github action workflow

With these informations, I can do the technical review efficiently, mainly because I know what I'm looking at and what I need to pay attention to.
Based on these criteria, I started building my Github action and this is the workflow I've come to:

A developer makes a commit to one of our repos, triggering the Github action.
The action processes the infos extracted from the commit
It then generates a comment on the given commit with the following infos:

At the same time, it triggers an event for sending an email to the repositories' designated maintainers that looks like that:

As you can see, with this process, we receive live the infos we need from the developers without the need of a human report.

Conclusion

Not only did it halve the time needed for technical code review, but it completely eliminated the need to ask developers to "Don't forget to send your report".
You are pleased to use it in your projects, I'm sure that it will help you or your team to be more productive hence having the time for the things that matter the most.
For all configuration options and parameters available for the Github action, you are welcome to take a look at the repository (link below).
Hope you enjoy !
Leave a star on the repo if you find it helpful (and drop a comment on this article to tell me what you think about it)
See you next time !

The repository: Git-Push-metadata-action

ZeitounCorp / Git-Push-metadata-action

Github action that should execute when a new push happens on a repository, should alert the maintainer by mail with the number of files modified, number of modifications, full date (DD/MM/YYYY @ time)

Git-Push-metadata-action

Github action that should execute when a new push happens on a repository, should alert the maintainer by mail with the number of files modified, number of modifications, full date (DD/MM/YYYY @ time) and the commit message

How to use it

Open an existing repository or create a new one
Add the action to your workflow (inside .github/workflows/)
Create the GitHub Secrets required for running the action (Settings > Secrets > Actions > New repository secret)
Enjoy detailed notifications on your repository when a new push happens !

Action configuration file (.yaml)

name: Git commit metadata annotation
on: push

jobs:
  annotate-pr:
    runs-on: ubuntu-latest
    name: Annotates commits with metadata
    steps:
      # - uses: hmarr/debug-action@v2 uncomment to debug
      - name: Annotate Commit
        uses: ZeitounCorp/Git-Push-metadata-action@main
        with:
          owner: ${{ github.repository_owner }} # Owner of the repository
          repo: ${{

…

View on GitHub

A little bit more about me:

I'm Lenny, (ex) software engineer, now CTO in a growing startup (called Tsohar) focused on Consulting for helping people to develop and grow their ideas into a reliable, rewarding and profitable business.
Here are some links to my networks:

What's taking so much storage on a dev computer ?(and how to fix it !)

Lenny Zeitoun — Wed, 19 Jan 2022 11:30:05 +0000

Why this article

Hi everyone, today I want to talk about something that I just discovered after 10 years in the dev industry (as a software engineer). Until now, I wasn't the kind of person looking after the 'remaining disk space', but as I logged into my computer this morning, an alert popped up, telling me that I needed to free some disk space because I was running low. So here started my investigation !

The problem

So first things first, I needed something to visualize what was taking space on my computer.
As anyone would have done, I used the builtin storage visualizer available on my computer, but here started the problems. Builtin tools like that are limited, most of the time, they only try to give you an overview of your storage usage by grouping your files, applications, photos into bigger categories (like Documents, Apps...) and there is the problem, if a file doesn't fit the predefined category schema, then it falls into a global category called 'Other files' and you can't know which files are concerned by this 'filter'.
As a developer (and absolute console interface lover), I tried the good old way: du -h /path/to/folder, but as you can imagine this would have take a lot of time and an extensive knowledge of my computer folders and files architecture (which with all these years is starting to get a little bit messy)

The right tools bring great insights

So after long hours shelling my storage space, I decided to change my technique and I went online looking for a tool that could help in this time consuming task, few came up:

CleanMyMac or CleanMyPC (for Windows' users). Fantastic interface, super simple to use and a panel of functionalities that exceeds by far all other known software in this category. But such capacities come for a price and for such a small task as finding what took so much space on my computer I wanted to find a free tool. I might be interested one day in paying a subscription for the kind of features that CleanMyMac proposes, but for now I need to find another tool.

DaisyDisk: Even though it's not free, it was worth mentioning this software because of it's trial plan. It comes as a simple interface with on the left side an interactive colorful wheel that helps you navigate through your computer's folders and on the right side you can see the files located in the currently selected 'folder'. The free plan will for sure help you sweep away useless data but it's limited thus not interesting for our case.

OmniDiskSweeper: Last arrow in my quiver, it is the one I was looking for: completely free, great user interface (that reminds me of the Finder), boosted on steroids when it comes to calculate the weight of your computer's folders. He is a hole in one for me.

My Discoveries

So if you are like me, you don't restart that often your computer and because of it caches' folders are getting bigger and bigger over time. As an example my computer Cache folder was taking 8 GB of storage. But that is nothing compare to my next discovery. When looking through OmniDiskSweeper, I've found out that the folder located at ~/.npm/_cacache was taking 20GB of storage. It's the result of years of npm install commands that kept building some secure backups of libraries that I used for my different projects as an 'integrity package validator'. I had no choice: I needed to clear that cache but I needed to be cautious, I didn't want to compromise my node and npm installation.

How to fix your npm consuming storage problem

Simple enough, when you look at npm's documentation there is an interesting command npm cache verify that is supposed to check and compress your npm cache data. After doing as told, the cache reduced to 17GB but it still was too much. I decided to use another command: npm cache clean. As you can understand, by executing this command it will delete the _cacache folder's content, thus claiming back our 17GB storage space. If you try to run this command as of npm@5 you should get the following error:



npm ERR! As of npm@5, the npm cache self-heals from corruption issues and data extracted from the cache is guaranteed to be valid. If you want to make sure everything is consistent, use 'npm cache verify' instead. On the other hand, if you're debugging an issue with the installer, you can use `npm install --cache /tmp/empty-cache` to use a temporary cache instead of nuking the actual one.
npm ERR! 
npm ERR! If you're sure you want to delete the entire cache, rerun this command with --force.

npm ERR! A complete log of this run can be found in:
npm ERR!     ~/.npm/_logs/2022-01-19T10_45_45_597Z-debug.log

No worries, as they tell you on npm's documentation website the reason for this error is:

npm stores cache data in an opaque directory within the configured cache, named _cacache. This directory is a cacache-based content-addressable cache that stores all http request data as well as other package-related data. This directory is primarily accessed through pacote, the library responsible for all package fetching as of npm@5.
All data that passes through the cache is fully verified for integrity on both insertion and extraction. Cache corruption will either trigger an error, or signal to pacote that the data must be refetched, which it will do automatically.

So what do we do ?
As they tell us: if we are looking for reclaiming storage space we can run the command npm cache clean with the parameter --force in order to overrule this new 'security' that came with npm@5. So the command becomes: npm cache clean --force.
After execution, you should see that all the storage eaten up by npm cache should be restored and that's how, by deleting my computer old caches's folders I claimed back more than 30GB of storage.

Conclusion

As you can see, most of the time we are missing crucial informations when it comes to managing storage on our computers. Even though the size of our HDD or SSD is getting bigger, the programs, applications and tools we use are also getting bigger and bigger. By getting the right storage analysis tool, we can definitely claim back a lot of storage without the hassle of figuring out what is taking so much space on our computers.
If you liked this (first) article, please consider letting a like or a comment, t will for sure help me making more and better content.
Hope you enjoyed !
See you next time

Useful links

CleanMyMac
CleanMyPC (to note that they are no longer maintaining nor updating this app)
DaisyDisk
OmniDiskSweeper
OSXDaily article on useful storage manager tools

A little bit more about me:

I'm Lenny, ex software engineer, now CTO in a growing startup focused on Consulting for helping people to develop and grow their ideas into a reliable, rewarding and profitable business.
Here are some links to my networks: