Aldo Ziflaj bio photo

Aldo Ziflaj

Just another programming addict, with a sweet tooth for software development and cutting-edge technologies

Email Twitter Facebook Google+ LinkedIn Github

During the last 2 - 3 months I haven’t written anything on my blog and the analytics are showing me the EKG of a wooden box. Nevertheless, I haven’t been just staying around, so my Project52 is still going on. This blogpost is a fast forward, showing what interesting things I have been doing for the last 9 weeks.

Built an Authentication Mechanism for Struts2

A couple of months ago, I started a Java training on a local Software Development company. My task was developing a small web application using Struts2 and MySQL, in which one of the features to implement was the authentication system.

You can find the source code on my Github repository (aziflaj/companies). The authentication classes are grouped together in a package called auth. The Auth class is a helper class, containing static methods used for hashing the password and checking if the password given by the user is the correct one. I wrote an interceptor, called AuthInterceptor, which is the middleware that checks if the user is logged in or not, using a session variable. If that variable is not set, the interceptor checks the cookies sent by the user. If the cookies sent contain the series_identifier(a fancy name for the user id) and the remember_token and these match to the values stored in the database, then the user is considered logged in. If the user isn’t already logged in (or remembered), then he is redirected to a login page.

The cookies and the session variables checked by the above interceptor are being generated in a file called LoginAction.java, which is called when the user logs in using email and password. If a company with the given email is found and the password match, the company is added as a session variable. If the user decided to check the Remember me checkbox, a remember_token is randomly generated, stored (as a hash) in the database and sent to the user as a cookie. This cookie has an expire date 20 years in the future, making it practically permanent. The remember_token sent to the user is the one generated by the Auth.generateRememberToken() method, while the one stored in the database is the hashed version of that string. The hashed token is 113 characters long, which makes the token practically uncrackable if the database gets compromised. To make it more secure, the series_identifier cookie is sent as encrypted over HTTPS (commented as a TODO point in the code). When the user logs out, the remember token and the series identifier are invalidated.

Finished an Android Course

I managed to go through all “The Complete Android Developer Course” on Udemy, where I developed 10-12 Android applications. Most of the good apps had to use Parse as a backend service, and I liked that. But Facebook decided to close Parse down, so some times later none of the apps will work because I feel too lazy to migrate them to Heroku and Node.js… but yeah, there are migration guides on how to keep your apps up and runing, but I guess you already know that.

Still, I (and probably everyone else) would recommend to learn Android development through the Google courses, since they are more professional and Google endorsed (also, Google is doing them).

Spoke to a Conference

My Project52 challenge sure got some attention around, and I was suggested to talk more about it in a local conference called Open Source Conference ALbania – OSCAL. On its third edition this year, OSCAL is a conference with its main focus on open source and free software and hardware, with topics including GNU/Linux, Mozilla Firefox, Wikimedia, Libre Office, Arduino and plenty more. I was glad that most people liked my presentation and thought the whole project idea was a good thing.

Went Back in Time

One of the fun projects we had in school this semester was that of building a multi-process application using the C language and MPI modules. The subject of the course was “Distributed Computing” and the task was to use multiple processes to search for a file in the filesystem, using MPI to manage the processes and sockets to handle the communication between the processes. The whole purpose of this homework was to simulate file searching on a distributed grid of computers, where each process searched on a given computer.

Working with MPI wasn’t that easy though, especially when there is lack of good documentation which was never suggested. I managed to make the task run in a single machine and in a multi-machine environment, though the two weren’t really different. If I were to have fun doing this homework, I would use Vagrant to create a couple of virtual machines and then use MPI to distribute searching processes, one on each machine, and when the file was found somewhere all the other processes would stop through a broadcasted message. I have 0 experience in using Parallel Virtual Machine, but I’m given to understand that using PVM this task would have been easier.

The source code of this parallel searcher can be found on my Github account (aziflaj/parallel-searcher).

Finished a Ruby on Rails Course

Yet another course, this time for the famous Rails framework. If you don’t already know, Rails is the framework used in Twitter, Github, Airbnb, Shopify, Kickstarter, Hulu and plenty more. Even though now it’s considered an old framework and some good Ruby developers are actually leaving it, I find both Ruby and Rails code pleasing to read and write, so I decided to follow the course.

I developed four applications which are on my Github account and also hosted on Heroku. One of them is a blog, called Alpha Blog (aziflaj/alpha-blog), which was build mostly from scratch, without using many gems or rails generators; this helped me develop a good insight on how rails generators work. I wrote some automated testing code for this project, including unit, functional and integration testing. The other applications were mostly focused on both learning how to use and modify gems (like Devise) or learn 3rd party APIs like SendGrid for emails, AWS S3 for static assets serving or Stripe for online payments.

Final words

Going through this initiative is both easy and hard. It’s easy to find technologies to explore and learn; just listen all the programming buzzwords around and pick your favorite words. It’s also hard because you can’t learn a technology in just a week. You need to get some of your free time and use it to learn and develop these projects, and finding that free time is sometimes hard, especially if you want to be a good student.

It all depends on what you want to do with your Project52. My goal was to get better at being a software developer and learn the technologies I wanted to learn. Writing a blogpost-report at the end of each weekly project was an interesting activity to do, letting more and more people to know what I’ve been working on and probably inspire a couple of them to start their own similar initiative.

I guess people want to read code-oriented blogposts/articles rather than I-did-this-thing-check-it-on-Github blogposts/articles. Unfortunately, I don’t intend to do that on my blog right now. I am thinking of using this blog more as an online, software-oriented “diary” rather than follow-me-step-by-step-to-build-this blog. I am also thinking of ditching Github Pages for Medium and this might be the last blogpost I write here. So if you want to get in touch, or read any of the bla-blas I write or talk about, you can still find me on Medium or Twitter using the handle I use everywhere, aziflaj.

That being said, aziflaj out.