lemoinem's Blog

Sysadmin/Programming tips

Hello there,

From time to time, I have a few ideas, tips, solutions to a problem that bothered me for several days or simply neat pieces of code that I want to keep in one corner of the Internet for later use.

I think it would be selfish to keep these for myself, and if they may ever be useful to someone else, well, there you go! Unless mentioned otherwise or owned by someone else, every piece of code you’ll find here is under my favorite license: BSD-3. Under the same reservations, the rest of the text and content is licensed CC-BY 4.0. Feel free to use it and adapt it yourself, and if you have any kind of improvements, I’ll be happy to hear about them. In particular, translation is encouraged if you feel it could be useful to someone else (again, although not a requirement, dropping a note would be nice ;) ). To contact me, you can do it either through GitHub or via blog@mlemoine.name.

Don’t expect any kind of regular or high-profile posting here, it’s just my little corner of the Internet that could be useful to you too!

Last posts

Securing a RESTful authentication API for Web Apps (Part 5)

29 Apr 2017

This is the fifth part of my Authentication and security for REST API in the context of Web Apps series of posts. In the previous post, we integrated various user authentication schemes into our authentication API. In this post, we will focus on mitigating several important security issues. Although our authentication API includes protections against...

Miscellaneous security concerns in REST APIs (Part 6)

29 Apr 2017

This is the sixth and last (but not least) part of my Authentication and security for REST API in the context of Web Apps series of posts. We covered each step of designing and securing a RESTful authentication API. Security in the authentication mechanism is paramount. A secure authentication layer ensures no user will be...

Modular RESTful authentication API for Web Apps (Part 4)

27 Apr 2017

This is the fourth part of my Authentication and security for REST API in the context of Web Apps series of posts. In the previous post, we designed a RESTful authentication API. In this post, we will integrate several user authentication schemes to it (criteria 5). As for the previous post, http://ld.lemoinem.name/ns/rest-auth# is used as...

Credentials format for REST APIs in the context of Web Apps (Part 1)

23 Apr 2017

This is the first part of my Authentication and security for REST API in the context of Web Apps series of posts. In this one, we will focus on how to design credentials containers (tokens and such). When one says authentication, one automatically thinks about credentials. In the context of a Web App, there are...

RESTful authentication API for Web Apps (Part 3)

23 Apr 2017

This is the third part of my Authentication and security for REST API in the context of Web Apps series of posts. In the previous post, we discussed how to store and provide tokens to the server. In this post, we will try to design an API to authenticate users and manage tokens. As mentioned...

Out-of-band credentials storage and transit for REST APIs in the context of Web Apps (Part 2a)

23 Apr 2017

While writing the second part of my Authentication and security for REST API in the context of Web Apps series of posts, I realized that discussing the different alternatives to store credentials tokens was more extensive than I previously thought. This post focuses on storing and transmitting credentials out-of-band. This means the API is...

In band credentials storage and transit for REST APIs in the context of Web Apps (Part 2b)

23 Apr 2017

While writing the second part of my Authentication and security for REST API in the context of Web Apps series of posts, I realized that discussing the different alternatives to store credentials tokens was more extensive than I previously thought. This post focuses on storing and transmitting credentials in band. This means the API...

Credentials storage and transit for REST APIs in the context of Web Apps (Part 2)

23 Apr 2017

This is the second part of my Authentication and security for REST API in the context of Web Apps series of posts. In the previous post, we designed a strong credentials’ vessel (token). In this post, we will try to find the best way to store and provide them to the API. Having secure tokens...

Authentication and security for REST API in the context of Web Apps (Intro)

22 Apr 2017

I am, finally, starting to look at developing REST APIs as the backend of a Web App. I’m certainly not the first and the community has already been developing great tools and technologies for this. In particular, given my background with PHP and Symfony, I’ve been looking at: JSON-LD, JWT, HYDRA, API Platform. For anyone,...

tmux everywhere

29 May 2013

tmux and GNU Screen are terminal multiplexers. That means they re-implement the “Multiple Tabs” feature for your console/terminal, but natively (it works in (almost) any terminal (emulator)), and you can detach/reattach them (very useful if you just want to leave that script running for a while without keeping your SSH connection or session open). Since I...
