Database migrations with node db-migrate

To continue with the research on database migrations started with the post about liquibase I will provide a small tutorial for node’s db-migrate on how to database migrations with node db-migrate

I am much more used to this kind of tool in which the developer’s responsibility of providing migrations is done in the same language of development. The fundamentals are the same. It seems to me that liquibase can be a bit more powerful when handling severe branching, but the simplicity of these kind of framework tools makes them desirable

I will use the same schema and setup as on the previous post, please check it out there on the post about liquibase

Read more →

 

Managing database schema changes with liquibase on an existing database tutorial

If you have had a project with several developers working at a high velocity on different branches you are probably aware of the amount of trouble that a theoretically simple task such as managing the db schema changes can provoke. The main issues occur on a daily-basis at development, less DRY, less agile; also the production deployments and merges can be severly affected

Database migration tools

Luckily most frameworks come with migration tools, rails, django, sequelize or yii as it is an important tool to ensure some agility. Today I will be taking a look at liquibase which you may find interesting

Read more →

 

CSRF in django rest_framework

I am very much into connecting different front-ends (angularjs, javascript, titanium appcelerator, and so on…) to a rest back-end as you may have seen on previous articles. This made me aware of problems with django’s CSRF protection, yet another developer hiccup

What is CSRF?

CSRF, standing for cross-site request forgery is a kind of attack in which a malicious web site cheats a user to perform actions on some other web site where the user may be authenticated (some evil purposes included). This is achieved by placing forms or links to the site where the user is logged in. Most systems nowadays are including protection against this kind of attack by ensuring that the form that performs the action is only present in your site. This is achieved by setting a server side known token into the form (as an alternative for a referral based system that could be spoofed).

For those interested in a more detailed explanation check csrf protection on the security tips for web developers

Well as for now, as django rest_framework with session based authentication includes csrf and since I haven’t manage to get the csrf_exempt decorator in my rest_framework class based views, I have added this token to the login/signup response of my auth api

Read more →

 

Google maps rails crud sample application (I), creating a marker and saving its data in the database

OPEN On a previous post I mentioned something about . I have finally put together a database driven google maps CRUD demo (because crud is the new hello world!)

This demo rails app (called playgrounds) is written for Rails 4 (ruby 2.0.0) with gmaps4rails and you have the full code available for you to play with as usual. Its main purpose is to allow any user to store and modify spots on the map containing sport playgrounds (one per marker). I Tried to make this demo as good in terms of teaching how the thing works as possible as well as KISS This is the first post, covering the ‘C’ of the CRUD

Read more →

 

Google maps geocoding with rails

The past few days I have come back to some google maps fun geocoding in Rails 4 with gmaps4rails and geocoder

rails-google-maps

Direct geocoding with javascript in googlemaps

From javascript you can easily geocode an spot selected by the user by simply invoking the asynchronous geocoder.geocode() method as shown in the following code

Read more →