If you are currently developing a monolithic ASP.net legacy system you are probably dreaming about migrating all functionality step-by-step to a modern micro-service design with cheap Linux servers running Go. If you aren’t, then you should! But in order to do this super-stealth (without your boss finding out) you need to do this one API call at a time. Sounds easy.. if only… you were able to read ASP.net’s proprietary encrypted (secure) cookies. Well, I’ve got good news for you: Now you can! ...

There, I’ve said it! Again! It is my firm belief that it is. Instead of arguing why this is true I will try to negate the argument I hear most often from people arguing otherwise. In this post I am talking about a primary (data) store and a cache. It may help to think about a cache as a Redis or Memcache instance used by a web server and about the primary data store as a relational database server (MariaDB for instance). ...

Lesspass is a password manager without a database. Although I’m not 100% sure that it is secure, I am 100% sure that passwords are a problem that needs to be solved. Lesspass allows you to generate a password from a site name and a master password with certain characteristics. To do so it applies a 100000 iteration pbkdf2 algorithm using a SHA256 hash. It sounds good to me and I like the way that that is supposed to work. ...

I like the idea of lesspass, a password manager without a database. I’m not 100% sure that it is secure, but I am 100% sure that passwords are a problem and that we need to solve it. This system allows you to generate a password from a site name and a master password with certain characteristics. To do so it applies a 100000 iteration pbkdf2 algorithm using a SHA256 hash. It sounds good to me and I like the way that that is supposed to work. ...

In order to support databases that are better at XML than JSON (Yes, I am talking about you SQL Server) I created some code that allows you to convert (lossless) from JSON to XML (and back). Example JSON data: { "depth": false, "model": "TRX-120", "width": 100, "test": [ { "me": null }, 2.5 ], "height": null } XML data: <root type="object"> <depth type="boolean">false</depth> <model type="string">TRX-120</model> <width type="number">100</width> <test type="array"> <item type="object"> <me type="null"/> </item> <item type="number">2.5</item> </test> <height type="null"/> </root> The functions ’json2xml’ and ‘xml2json’ convert from JSON to XML and back. ...

How should a RESTful JSON-based API handle counters (atomic increments)? In this post I’ll try to describe the considerations and do an implementation suggestion using the “PATCH” HTTP method. Atomic increments When counting events, such as people visiting a web page, it may be cheaper to increment a counter than to insert a log record. But when dealing with many increments per second you cannot simply read a value in one call and then write the incremented value back in the next call. The concurrent updates would cause issues and increments would get lost. This is the problem I am trying to solve. ...

In a quest for the ultimate micro-service technology I have ported the core of PHP-CRUD-API to Java. It is a REST API that reflects the tables in your MySQL database. You can find the code on my Github account. I have found Java to be extremely fast. At 14000 requests per second it outperforms implementations in all other languages (that I tried): Java, 14000 req/sec (source code) Go, 12000 req/sec (source code) PHP 7, 6500 req/sec (source code) C# (.net Core), 5000 req/sec (source code) Node.js, 4200 req/sec (source code) Python, 2600 req/sec (source code) If you feel any code can be improved, please open an issue on Github! ...

I have written a simple REST API in Node.js. It includes routing a JSON REST request, converting it into SQL, executing it and giving a meaningful response. I tried to write the application as short as possible and came up with these 110 lines of code: var http = require("http"); var mysql = require("mysql"); // connect to the mysql database var pool = mysql.createPool({ connectionLimit: 100, //important host: 'localhost', user: 'my_username', password: 'my_password', database: 'my_database', charset: 'utf8', debug: false }); // ensure request has database connection var withDb = function (handler) { return function (req, resp) { pool.getConnection(function (err, connection) { if (err) { resp.writeHead(404) resp.end(err); return; } req.db = connection; handler(req, resp); }); } }; // ensure request has (post) body var withBody = function (handler) { return function (req, resp) { var input = ""; req.on("data", function (chunk) { input += chunk; }); req.on("end", function () { req.body = input; handler(req, resp); }); } }; // main web handler var server = http.createServer(withDb(withBody(function (req, resp) { // get the HTTP method, path and body of the request var method = req.method; var request = req.url.replace(/^[\/]+|[\/]+$/g, '').split('/'); try { var input = JSON.parse(req.body); } catch (e) { var input = {}; } // retrieve the table and key from the path var table = req.db.escapeId(request.shift()); var key = req.db.escape(request.shift()); // create SQL based on HTTP method var sql = ''; switch (req.method) { case 'GET': sql = "select * from " + table + (key ? " where id=" + key : ''); break; case 'PUT': sql = "update " + table + " set ? where id=" + key; break; case 'POST': sql = "insert into " + table + " set ?"; break; case 'DELETE': sql = "delete " + table + " where id=" + key; break; } // execute SQL statement req.db.query(sql, input, function (err, result) { // stop using mysql connection req.db.release(); // return if SQL statement failed if (err) { resp.writeHead(404) resp.end(err); return; } // print results, insert id or affected row count resp.writeHead(200, { "Content-Type": "application/json" }) if (req.method == 'GET') { resp.end(JSON.stringify(result)); } else if (method == 'POST') { resp.end(JSON.stringify(result.insertId)); } else { resp.end(JSON.stringify(result.affectedRows)); } }); }))); server.listen(8000); The code is available on Github and is written to show you how simple it is to make a fully operational REST API in JavaScript. ...

I have ported the core of PHP-CRUD-API to Go and achieved a nice performance improvement from 6500 requests per second to 12000 requests per second. I found that PHP 7 outperforms C# with Kestrel on the .net Core platform for similar functionlity, whereas PHP 5 was still slower than C#. In PHP 7 the full program executes at roughly 2500 requests per second, which means the added logic makes you lose about two thirds of the performance. In compiled languages (like C# and Go) I expect that adding logic has a lower performance impact. ...

Every day in December I am doing a programming puzzle. The series is called Advent of Code and it follows the advent calendar approach. Every day from the 1st until the 25th of December one puzzle is unlocked. The puzzles get gradually harder and each puzzle has two parts, where the first part is easier than the second. Scores on the Leaderboard There is a leaderboard allowing you to compare yourself with other programmers. A nice 100 points are awarded to the person that solves the puzzle first and 90 to the tenth 80 to the 20th. If you don’t hit the top 100, then you can still see your rank, but you will receive 0 points. Another complicating factor is that the puzzles become available at midnight in New York (EST time). I have to get up at 6:00 in the morning to compete, not fair! Nevertheless I was proud to score 58th on the 5th of December when I actually got up early to try. ...