pymen

Introduction

The purpose of this short howto is to show you how to:

use openconnect [1] to connect to an enterprise cisco anyconnect endpoint
whilst minimizing the amount of traffic that your route through the vpn connection

Usually VPN administrators will puth the default route to the users, so that all user traffic is routed through the vpn connection. This is to address the various security concerns around compromised user computers bridging external internet traffic into the secure VPN network.

While the VPN administrator can push routes to the clients, the client can ignore these default routes and establish client side routing so that only the required A.B.C.D/E network is routed through the VPN. All other traffic will still use the clients default route and default outbound internet connection.

Про токены, JSON Web Tokens (JWT), аутентификацию и авторизацию. Token-Based Authentication

Last major update: 25.08.2020

Что такое авторизация/аутентификация
Где хранить токены
Как ставить куки ?
Процесс логина
Процесс рефреш токенов
Кража токенов/Механизм контроля токенов

Batching migrations

The idea here is that if you know which migrations were in version 2.0.3 of your project and which were in version 2.0.4 then setA - setB gives you the list of migrations you need to undo.

Django migrations give you a directed acyclic graph which describes how to get from the current database state to the target state. But there is no mechanism by which you can perform tasks like revert all the migrations that just ran in the last deployment.

Here is a quick recipe for batching Django migrations to allow you to do things like that.

Before you tag your project you do:

	import logging.config
	import os
	from django.utils.log import DEFAULT_LOGGING

	# Disable Django's logging setup
	LOGGING_CONFIG = None

	LOGLEVEL = os.environ.get('LOGLEVEL', 'info').upper()

	logging.config.dictConfig({

	curl -I -X OPTIONS \
	-H "Origin: http://EXAMPLE.COM" \
	-H 'Access-Control-Request-Method: GET' \
	http://EXAMPLE.COM/SOMETHING 2>&1 \| grep 'Access-Control-Allow-Origin'

	#!/bin/bash

	# === INFO ===
	# ForceVPN
	# Description: Force VPN tunnel for specific applications.
	# If the VPN is down => blackhole the app network traffic.
	# Better than a killswitch. IPv4.
	VERSION="2.3.0"
	# Author: KrisWebDev
	# Requirements: Linux with kernel > 2.6.4 (released in 2008).

	#!/bin/bash

	# === INFO ===
	# NoVPN
	# Description: Bypass VPN tunnel for applications run through this tool.
	VERSION="3.0.0"
	# Author: KrisWebDev
	# Requirements: Linux with kernel > 2.6.4 (released in 2008).
	# This version is tested on Ubuntu 14.04 and 19.10 with bash.
	# Main dependencies are automatically installed.

	//oauth2 auth
	chrome.identity.getAuthToken(
	{'interactive': true},
	function(){
	//load Google's javascript client libraries
	window.gapi_onload = authorize;
	loadScript('https://apis.google.com/js/client.js');
	}
	);

	#!/usr/bin/env zsh

	# Initialize VPN
	sudo vpnns up
	sudo vpnns start_vpn

	# Popcorn time!
	sudo ip netns exec frootvpn sudo -u $USER popcorntime

	# Cleanup

	#!/bin/bash
	# This gist contains pre-commit hooks to prevent you from commiting bad code or to the wrong branch.
	# There are six variants that I have built:
	# - pre-commit: stops commits to master/main/develop branches.
	# - pre-commit-2: also includes a core.whitespace check.
	# - pre-commit-3: the core.whitespace check and an EOF-newline-check.
	# - pre-commit-4: only the core.whitespace check.
	# - pre-commit-5: elixir formatting check.
	# - pre-commit-6: prettier formatting check.
	# Set the desired version like this before proceeding: