Today the results for Coinbase's Bithack came out. It was a lot of fun building Bitcoin Retail and I learned a lot, but I don't know if I will bother next time they have a competition. For me it all comes down to judging. You see, with my app I'm able to see database records created and modified with every action that is taken on the site. Why? Because Bitcoin Retail is all about accounting.
This morning I learned a valuable lesson about access tokens and refresh tokens while using the Coinbase API. When using my refresh token to obtain a new access token I had missed adding a line that stored the new refresh token that came in the response. This caused the following refresh to always fail because the refresh token was now wrong. The good news is that I was storing the entire json response and decoded that to pull out a valid refresh token.
I recently decided to update my fork of ejabberd when I started looking at building a new app that requried messaging. Maintaining a fork can be a little bit of work, but sometimes you just want some features that upstream maintainers don't care about when bulding things like Chatmongers. There have also been some discussions about the differences between git and svn at work and I decided to do a "big" merge so as to put my money where my mouth is and generate an emperical data point when saying git is nice to work with. It went pretty well except for one mistake, but I attribute that to being in a hurry/careless.
Today a friend of mine needed some help with ejabberd. I had a lot of fun working on Chatmongers and working with my fork of ejabberd. Through all of this I learned a few things about how I like to manage ejabberd. I developed a few rules for managing ejabberd so that I could have improved quality of life through applying consistent patterns. These patterns are expressed in the ejabberd setup instructions I gave to my friend.
Today I sat in a meeting where future plans for oauth were being discussed. I decided it's time to play with OAuth again in my personal python projects. Why do I want to do this? Because if you're going to build all of your own user management with the responsibility of doing password storage I think you need to think about why your requirements dictate that you can't just use someone else's authentication backend. Implementing OAuth for guest login is a great way of limiting liability and reducing the number of tokens your users have to keep track of which reduces user signup friction. I'm also tired of spending the first few hours of every app I develop in Django writing login, logout, and password reset functions before I build anything else more in line with the rest of my app.