In the life of a (web) programmer there comes a moment when they build an application which they want to share with a wider public. In my case it came after two years of learning how to make apps: coding, improving and testing, with the help of one user, the person I wrote this app for.
I was pretty confident I had covered the most critical functions with tests. I was comfortable with deployment, so I wanted to let everyone know they could use my app. But...
I realized that an app used by the general public must follow certain legal requirements. And as a programmer, I had little to no idea what these were. So I started searching for laws, explanations, tools and manuals.
In this article, I want to summarize what I found out and help other programmers who happen to be in the same position as I am.
My app is (currently) made for users from Czechia (the Czech Republic), so I searched for solutions and laws that apply here. You should therefore look into your local rules carefully.
I try to point out whether a given solution applies only to Czechia or is based on the rules of the European Union.
If you find any mistakes, please inform me so I can improve this text.
I will try to look into some basic legal requirements: cookies, terms and conditions, and protection of personal data (GDPR).
I am also interested in various topics of app security: the risks of dependencies, a comparison of languages, private vs. public code, security auditing, monitoring app usage (to find potentially malicious use and security breaches), dealing with passwords, and a comparison of different deployment and hosting options.
I have only covered part of that so far, so I cannot promise this series of posts will look into everything.
My app is a calculator for the ketogenic diet. The source code is here.
It is built with the Python framework Flask and uses MySQL for its database.
It has user registration, and users save information about ingredients, recipes and diets.
In the next part of the series I will write about cookies and GDPR.
As this is my first post, your feedback is most welcome!