Skip to content

Instantly share code, notes, and snippets.

View fduch2k's full-sized avatar

Alexander Hramov fduch2k

12 followers · 14 following
View GitHub Profile
@soulmachine
soulmachine / jwt-expiration.md
Last active January 9, 2025 12:03
How to deal with JWT expiration?

First of all, please note that token expiration and revoking are two different things.

  1. Expiration only happens for web apps, not for native mobile apps, because native apps never expire.
  2. Revoking only happens when (1) uses click the logout button on the website or native Apps;(2) users reset their passwords; (3) users revoke their tokens explicitly in the administration panel.

1. How to hadle JWT expiration

A JWT token that never expires is dangerous if the token is stolen then someone can always access the user's data.

Quoted from JWT RFC:

@developit
developit / *state-machine-component.md
Last active February 6, 2021 00:44
265b lib for building pure functional state machine components. https://github.com/developit/state-machine-component

state-machine-component

A tiny (265 byte) utility to create state machine components using two pure functions.

🔥 JSFiddle Demo

Usage

The API is a single function that accepts 2 pure functions as arguments:

@Richard-Mathie
Richard-Mathie / Redis Cluster Setup with Docker Swarm.md
Last active May 11, 2022 12:58
Redis cluster setup with docker swarm

Redis Cluster Setup with Docker Swarm

Setup

./redis.sh

Test

test the redis cluster

@patrickgill
patrickgill / m3u8download.sh
Last active January 20, 2025 12:15
download m3u8 ts segments, then decode, join, and remux them! (HTTP Live Streaming TS files)
# download
aria2c -x 5 -i file.m3u8
# decode (example)
openssl aes-128-cbc -d -K 15D0F46608409DA364E3F5D92BDE9F61 -iv 00000000000000000000000000000000 -nosalt -in G00000000.ts -out G00000000.d.ts
# join all ts files
cat *.ts > out.ts
# convert ts output file
@ericelliott
ericelliott / essential-javascript-links.md
Last active March 22, 2025 17:28
Essential JavaScript Links
@staltz
staltz / introrx.md
Last active April 2, 2025 11:07
The introduction to Reactive Programming you've been missing
@rtt
rtt / tinder-api-documentation.md
Last active March 10, 2025 07:24
Tinder API Documentation

Tinder API documentation

Note: this was written in April/May 2014 and the API may has definitely changed since. I have nothing to do with Tinder, nor its API, and I do not offer any support for anything you may build on top of this. Proceed with caution

http://rsty.org/

I've sniffed most of the Tinder API to see how it works. You can use this to create bots (etc) very trivially. Some example python bot code is here -> https://gist.github.com/rtt/5a2e0cfa638c938cca59 (horribly quick and dirty, you've been warned!)

@stuart11n
stuart11n / gist:9628955
Created March 18, 2014 20:34
rename git branch locally and remotely
git branch -m old_branch new_branch # Rename branch locally
git push origin :old_branch # Delete the old branch
git push --set-upstream origin new_branch # Push the new branch, set local branch to track the new remote
@bradmontgomery
bradmontgomery / install-comodo-ssl-cert-for-nginx.rst
Last active March 20, 2025 17:17
Steps to install a Comodo PositiveSSL certificate with Nginx.

Setting up a SSL Cert from Comodo

I use Namecheap.com as a registrar, and they resale SSL Certs from a number of other companies, including Comodo.

These are the steps I went through to set up an SSL cert.

Purchase the cert

@jed
jed / how-to-set-up-stress-free-ssl-on-os-x.md
Last active February 27, 2025 16:31
How to set up stress-free SSL on an OS X development machine

How to set up stress-free SSL on an OS X development machine

One of the best ways to reduce complexity (read: stress) in web development is to minimize the differences between your development and production environments. After being frustrated by attempts to unify the approach to SSL on my local machine and in production, I searched for a workflow that would make the protocol invisible to me between all environments.

Most workflows make the following compromises:

  • Use HTTPS in production but HTTP locally. This is annoying because it makes the environments inconsistent, and the protocol choices leak up into the stack. For example, your web application needs to understand the underlying protocol when using the secure flag for cookies. If you don't get this right, your HTTP development server won't be able to read the cookies it writes, or worse, your HTTPS production server could pass sensitive cookies over an insecure connection.

  • Use production SSL certificates locally. This is annoying