While this gist has been shared and followed for years, I regret not giving more background. It was originally a gist for the engineering org I was in, not a "general suggestion" for any React app.
Typically I avoid folders altogether. Heck, I even avoid new files. If I can build an app with one 2000 line file I will. New files and folders are a pain.
This is a quick guide of what you need to do to publish a react component for use by others. This guide is distilled from a conversation [0] on twitter. I will reference individual tweets, where appropriate (thereby shifting blame for incorrect advice from me to the authors :D)
"How do I get started with Node?" is a commonly heard question in #Node.js. This gist is an attempt to compile some of the answers to that question. It's a perpetual work-in-progress.
And if this list didn't quite answer your questions, I'm available for tutoring and code review! A donation is also welcome :)
Before you get started learning about JavaScript and Node.js, there's one very important article you need to read: Teach Yourself Programming in Ten Years.
Understand that it's going to take time to learn Node.js, just like it would take time to learn any other specialized topic - and that you're not going to learn effectively just by reading things, or following tutorials or courses. _Get out there and build things!
While a lot of Node.js guides recommend using JWT as an alternative to session cookies (sometimes even mistakenly calling it "more secure than cookies"), this is a terrible idea. JWTs are absolutely not a secure way to deal with user authentication/sessions, and this article goes into more detail about that.
Secure user authentication requires the use of session cookies.
Cookies are small key/value pairs that are usually sent by a server, and stored on the client (often a browser). The client then sends this key/value pair back with every request, in a HTTP header. This way, unique clients can be identified between requests, and client-side settings can be stored and used by the server.
Session cookies are cookies containing a unique session ID that is generated by the server. This session ID is used by the server to identify the client whenever it makes a request, and to associate session data with that request.
*S
| # Requirements | |
| * Python 2.7 | |
| * Google Chrome | |
| * ChromeDriver - WebDriver for Chrome | |
| - Download the latest chromedrive which is 2.28 from here - https://sites.google.com/a/chromium.org/chromedriver/downloads | |
| - Extract and move `chromedriver` file to `/usr/local/bin/chromedriver` | |
| - git clone https://github.com/li-xinyang/OS_FrontendMaster-dl | |
| - cd OS_FrontendMaster-dl |
If you hate git submodule, then you may want to give git subtree a try.
When you want to use a subtree, you add the subtree to an existing repository where the subtree is a reference to another repository url and branch/tag. This add command adds all the code and files into the main repository locally; it's not just a reference to a remote repo.
When you stage and commit files for the main repo, it will add all of the remote files in the same operation. The subtree checkout will pull all the files in one pass, so there is no need to try and connect to another repo to get the portion of subtree files, because they were already included in the main repo.
Let's say you already have a git repository with at least one commit. You can add another repository into this respository like this:
Native Module in React-Native
To get a great grip on how wo build one, read these blogs.
I bundled these up into groups and wrote some thoughts about why I ask them!
If these helped you, I'd love to hear about it!! I'm on twitter @vcarl_ or send me an email [email protected]
https://blog.vcarl.com/interview-questions-onboarding-workplace/
TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.
If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)
A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/
The reason to avoid JWTs comes down to a couple different points:
now published as https://www.swyx.io/writing/svelte-amplify-datastore
Some thoughts on the challenges of the first 2 and possibly solving them with the latter 2.
In a world where API latency is unpredictable, the way to make user interactions seem instant is essentially by lying to the user. Most implementations of optimistic updates work like this: