Andrey Paderin paderinandrey

Про токены, JSON Web Tokens (JWT), аутентификацию и авторизацию. Token-Based Authentication

Last major update: 25.08.2020

Что такое авторизация/аутентификация
Где хранить токены
Как ставить куки ?
Процесс логина
Процесс рефреш токенов
Кража токенов/Механизм контроля токенов

Enable LDAP over SSL (LDAPS) for Microsoft Active Directory servers

Tip

Microsoft active directory servers by default provide LDAP connections over unencrypted connections (boo!).

The steps below will create a new self signed certificate appropriate for use with and thus enabling LDAPS for an AD server. Of course the "self-signed" portion of this guide can be swapped out with a real vendor purchased certificate if required.

Steps have been tested successfully with Windows Server 2012R2, but should work with Windows Server 2008 without modification. Requires a working OpenSSL install (ideally Linux/OSX) and (obviously) a Windows Active Directory server.

Create root certificate

Postgres Cheatsheet

This is a collection of the most common commands I run while administering Postgres databases. The variables shown between the open and closed tags, "<" and ">", should be replaced with a name you choose. Postgres has multiple shortcut functions, starting with a forward slash, "". Any SQL command that is not a shortcut, must end with a semicolon, ";". You can use the keyboard UP and DOWN keys to scroll the history of previous commands you've run.

Setup

installation, Ubuntu

http://www.postgresql.org/download/linux/ubuntu/ https://help.ubuntu.com/community/PostgreSQL

	require 'sidekiq/api'

	# 1. Clear retry set

	Sidekiq::RetrySet.new.clear

	# 2. Clear scheduled jobs

	Sidekiq::ScheduledSet.new.clear

	http://stackoverflow.com/questions/22667401/postgres-json-data-type-rails-query
	http://stackoverflow.com/questions/40702813/query-on-postgres-json-array-field-in-rails

	#payload: [{"kind"=>"person"}]
	Segment.where("payload @> ?", [{kind: "person"}].to_json)

	#data: {"interest"=>["music", "movies", "programming"]}
	Segment.where("data @> ?", {"interest": ["music", "movies", "programming"]}.to_json)
	Segment.where("data #>> '{interest, 1}' = 'movies' ")
	Segment.where("jsonb_array_length(data->'interest') > 1")

	# base requirements
	sudo apt-get update
	sudo apt-get install -y software-properties-common
	sudo apt-get install -y python-setuptools python-dev libffi-dev libssl-dev git sshpass tree
	sudo easy_install pip
	sudo -H pip install cryptography

	# sudo -H pip install ansible==2.1.1.0 if you don't need virtualenv

	# virtualenv

	# Add this snippet to the top of your playbook.
	# It will install python2 if missing (but checks first so no expensive repeated apt updates)
	# [email protected]

	- hosts: all
	gather_facts: False

	tasks:
	- name: install python 2
	raw: test -e /usr/bin/python \|\| (apt -y update && apt install -y python-minimal)

	require "active_record"

	ActiveRecord::Base.establish_connection(adapter: "sqlite3", database: ":memory:")
	ActiveRecord::Migration.class_eval do
	create_table(:records) do \|t\|
	t.string :column
	end
	end

	data = 50_000.times.map { \|i\| Hash[column: "Column #{i}"] }

	# This is just a cheat sheet:

	# On production
	sudo -u postgres pg_dump database \| gzip -9 > database.sql.gz

	# On local
	scp -C production:~/database.sql.gz
	dropdb database && createdb database
	gunzip < database.sql.gz \| psql database

	require "open-uri"
	require "net/http"

	Error = Class.new(StandardError)

	DOWNLOAD_ERRORS = [
	SocketError,
	OpenURI::HTTPError,
	RuntimeError,
	URI::InvalidURIError,