@itsjoshbruce@phpc.social
@itsjoshbruce@phpc.social avatar

itsjoshbruce

@itsjoshbruce@phpc.social

Time Lord. Agile Coach, User Experience designer, and software developer. Designing the human experience all around. :)

This profile is from a federated server and may be incomplete. Browse more on the original instance.

itsjoshbruce, to php
@itsjoshbruce@phpc.social avatar

It’s been so long since I did anything with authenticated users, curious about “modern” patterns and standards.

Specifically, an authenticated user wants to do something. What patterns and standards are you using for permissions?

I’m seeing middleware mentions. But, curious what else is out there. Not looking for “use Framework X” and should be testable. Doesn’t need to be web-specific as I’m just looking for patterns and standards.



itsjoshbruce,
@itsjoshbruce@phpc.social avatar

@bobmagicii: Interesting. Do the permission names correspond to an action (method) on the controller?

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

@oliver: Right in. Is it the user or the request falling through the middleware checks?

itsjoshbruce, to php
@itsjoshbruce@phpc.social avatar

Learning how to do a thing.

Pretty sure it’s possible; never tried and haven’t been pulled to do so.

PHP creates sessions. Using cookies, it creates a cookie named: PHPSESSID (or similar).

I’d like to customize this; clean and simple.

Goal: I’d like to not have the PHPSESSID cookie. Not finding it.

Thinking:

  1. Disable session cookie
  2. Implement SessionHandlerInterface
  3. Set mine as the save handler
  4. Pass my session cookie in response header

Feel like I’m missing something.

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

@derickr @bhhaskin: Well done!

I didn't know session_name was a thing, and definitely clean for changing the key.

I think this will do the trick of step 1 - change the cookie key. And, step 2 - set custom ID:
session_name($sessionName);

/** Custom ID logic */

session_id($customId);

session_start();

No custom class implementing session handler interface is necessary...at least that I'm aware of as of now

Thank!

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

@bhhaskin @derickr: Good looking out, and fair.

I'll go with the simple approach first. Make sure it works locally, then deploy it to production and verify it will also work there before getting too far into the rest of the solution.

Nothing sucks more than "it works on my machine" - and, your server being like "I'm not your machine. [insert maniacal laughter here]"

johannarothman, to hiring
@johannarothman@mastodon.sdf.org avatar

Consultants and Candidates: No Free Work. Ask for Reasonable Compensation https://www.jrothman.com/mpd/2024/05/consultants-and-candidates-no-free-work-ask-for-reasonable-compensation/

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

@johannarothman: Reminded me of: https://www.nospec.com

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

@johannarothman: Happy to share. I saw it for the first time over a decade ago. I’m surprised it’s still up.

I’ve definitely tried a lot of things for the portfolio, so to speak. Haven’t really found the one I should double down on. It probably doesn’t help that what seems to work for me is not in the spotlight of any kind.

More of a “in the shadows player.” lol

I am playing with the tagline: Give me credit, and tell your friends.

itsjoshbruce, to random
@itsjoshbruce@phpc.social avatar

I have an affinity for: Wait until the last responsible moment.

I've been contemplating Continuous Deployment on my personal site for years: https://joshbruce.com

But, before I did, I embraced the @jezhumble line: If it hurts, do it more often, and bring the pain forward.

I could deploy my sites in less than a minute using my phone by the time I hit the ceiling of the manual process I used.

Becca and I are ramping up on TIA: https://the-irreverent-agilists.com

#TheIrreverentAgilistts
#Agile
#XP

itsjoshbruce, (edited )
@itsjoshbruce@phpc.social avatar

Becca needs to be able to add content to the TIA site without waiting for me to finish her flow.

So, being a pull-based human (preferring to wait until pulled enough to action) and perfectly willing to take on responsibility (friction) for my own stuff, I set to work.

The optimized (happy path) process looked like this:

  1. Clone repo
  2. Edit content
  3. Submit PR (don't @ me)
  4. Let Continuous Integration pass
  5. Merge
  6. Launch a command line app
  7. cd into the remote repo
  8. git pull

Done

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

Becca is content with doing steps 1 through 5. So, no pull to start creating an admin panel - because that's usually where the bulk of the code lives (and most bugs).

So, we're talking about automating steps 6 through 8.

I used the base found here: https://eric.blog/2022/09/04/simple-github-webhook-handler-in-php/

It's conceptual, and a lightweight explanation and just what I needed to start and then run with it.

itsjoshbruce, (edited )
@itsjoshbruce@phpc.social avatar

I started with a public repo: https://github.com/8fold/site-joshbruce.com

For this site: https://joshbruce.com

Because I figured it would be the easiest. It was.

Then I decided to see if I could do two different repos and sites hosted on the same server and user directory.

That led me to the calling card site: https://itsjoshbruce.com

And, another public repo: https://github.com/8fold/site-itsjoshbruce.com

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

Last but not least, the TIA site.

It's a private repo, so no link.

It's on the same server but a different user directory.

So, I cloned the php-deployer script and set up an environment file (using JSON, not .ENV).

Then I did what feels like the clunky part; setting up GitHub webhooks, mainly because I'm using tokens specific to the repo doing the push.

And voila: https://the-irreverent-agilists.com

If you'd be interested in a longer (and more in-depth) write-up on how I did this, let me know.

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

It's worth noting I could have done it through GitHub Actions, but I decided against that.

In part because I don't want to be even more tightly coupled to GitHub and its infrastructure.

If I switch to some other remote Git solution, if it has webhooks, I should be able to update the script in short order (there are zero dependencies for the script I wrote, and CI through GitHub Actions says it would work in PHP 7.3, I haven't tried going farther back).

That was my Saturday. How was yours?

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

ps. The time from merge to visible so far has been less than 1 second. (Locally, the script runs in about 300ms and uses one exec call.)

jitterted, to random
@jitterted@sfba.social avatar

Using in my apps has let me turn the "no logic in HTML templates" all the way up to 11.

I am now very aware (and suspicious) of any logic being evaluated, or even things like string concatenation, being done in HTML templates.

I may have to write a tool to warn me (or fail a test!) if I start using th:if, th:unless, or anything that looks like a method call in my Thymeleaf templates.

itsjoshbruce, (edited )
@itsjoshbruce@phpc.social avatar

@jitterted: One of the things I love about the HTML builder I wrote is you literally can’t. It’s so lovely.

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

@jitterted: Sure! Thanks for asking: https://github.com/8fold/php-html-builder

Part of the inspiration was also removing tokenized parsing of HTML. So, instead of “get PHP out HTML” it was “get HTML out of PHP” - it’s basically just string concatenation. lol

Very little code (a few hundred lines), and should be easy to port without becoming a full-blown project. A stable and complete build. I haven’t needed to tinker with it for years.

qcoding, to random
@qcoding@iosdev.space avatar

I'm working on my talk for @swiftcraft and am thinking of this for my closing slide:
Principles ⇒ Practices ⇒ Tools

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

@qcoding @swiftcraft: I tend to agree.

Would add Values before Principles. But that’s me, literally: https://joshbruce.com/essays-and-editorials/the-self/

itsjoshbruce, to random
@itsjoshbruce@phpc.social avatar

Your dude was on another podcast: https://www.earnandinvest.com/episodes-8/where-to-invest-when-markets-are-shaky

Specifically, The Earn and Invest podcast community episode. It was great fun.

The idea of including cash in your "portfolio" was an interesting topic, and it made me think of The Universal Portfolio essay: https://joshbruce.com/essays-and-editorials/finances/the-universal-portfolio/

Winding down on Time: Mastering the Mundane, and Money: Mastering the Mundane is ramping up. I should revisit that essay to cover the logic and rationale leading to it.

#MasteringTheMundane

itsjoshbruce, to webdev
@itsjoshbruce@phpc.social avatar

One of the nice things about being able to write software is when a software company (or series of them) frustrate me enough, I can just write my own.

The drawback is actually doing it.

I’m glad I’m not a data hoarder. Trapped into using software because, “They have all my data!”

I guess we’re back in software mode…unless…

You know of a completely standalone bookkeeping application that doesn’t suck (no account connection needed).

#WebDev
#SoftwareDev

itsjoshbruce,
@itsjoshbruce@phpc.social avatar

@jbrains: Sorry it’s taken a minute…that was a great rabbit hole I just fell down!

I appreciate the ethos behind the solution. Very inspiring.

soundwarrior20, to accessibility

Hi everyone, have a question :-) does anybody have any recommendation for accessible platform style games on macOS or iOS? Thanks everyone :-) #A11Y

itsjoshbruce, (edited )
@itsjoshbruce@phpc.social avatar

@soundwarrior20 @joelanman: I’m big on consent and opting in, so I won’t add the tags here. It might be helpful to get more reach to add the: “accessibility” and “gaming” tags to your original post.

itsjoshbruce, to random
@itsjoshbruce@phpc.social avatar

Part 9 of Time: Mastering the Mundane has been made available for purchase on Leanpub: https://leanpub.com/master-the-mundane

Part 9 is about Collaboration, which often gets conflated with Delegation (Part 7).

Contribute to this project on the Open Collective: https://opencollective.com/mastering-the-mundane/projects/book-mastering-the-mundane



itsjoshbruce,
@itsjoshbruce@phpc.social avatar

All of Time: Mastering the Mundane has been made available for purchase on Leanpub: https://leanpub.com/master-the-mundane

Book page has been put up on the Mastering the Mundane website: https://mastering-the-mundane.com/books/time-mastering-the-mundane/

Typesetting for print round one is complete.

Then mass-distribution begins!

Contribute to this project on the Open Collective: https://opencollective.com/mastering-the-mundane/projects/book-mastering-the-mundane



itsjoshbruce,
@itsjoshbruce@phpc.social avatar

Time: Mastering the Mundane is on Scribl: https://www.scribl.com/books/EEDEB8/Time

We use Crowdpricing, so price is based on downloads and reviews, which means, as of this writing, it’s free.

We opted into Crowdpricing Everywhere; so, it should become available “everywhere” soon.

I found a couple of typos while recording the audiobook; corrected files should be coming soon.

The book is typeset for print and roughly half of the raw audio is recorded.



itsjoshbruce,
@itsjoshbruce@phpc.social avatar

The main book page for Time Mastering the Mundane has been updated: https://mastering-the-mundane.com/books/time-mastering-the-mundane/

Currently recording the raw audio for the audiobook and podcast variations. Have about a third recorded, and one Part through initial edits.

Found a couple of minor typos while recording. Corrected on the Leanpub version, and waiting for Scribl to let me know how to update it with them.

Print version is typeset.

So, still going as expected.



  • All
  • Subscribed
  • Moderated
  • Favorites
  • provamag3
  • rosin
  • mdbf
  • everett
  • DreamBathrooms
  • Durango
  • magazineikmin
  • thenastyranch
  • Youngstown
  • osvaldo12
  • slotface
  • vwfavf
  • khanakhh
  • kavyap
  • megavids
  • ngwrru68w68
  • cubers
  • modclub
  • tester
  • InstantRegret
  • ethstaker
  • tacticalgear
  • normalnudes
  • cisconetworking
  • anitta
  • GTA5RPClips
  • Leos
  • JUstTest
  • All magazines
    •