languages

A TOTP1 based 2FA system has two parts. One is a client that generates the TOTP code. The other part is a server. The server verifies the code. If the client and the server-generated codes match, the server allows the inbound user to access the target system. The code usually expires after 30 seconds and then, you’ll have to regenerate it to be able to authenticate. As per RFC-62382, the server shares a base-32 encoded secret key with the client. Using this shared secret and the current UNIX timestamp, the client generates a 6-digit code. Independently, the server also generates a 6-digit code using the same secret string and its own current timestamp. If the user-entered client code matches the server-generated code, the auth succeeds. Otherwise, it fails. The client’s and the server’s current timestamp wouldn’t be an exact match. So the algorithm usually adjusts it for ~30 seconds duration.

I wrote a blog post ten years ago. How do I feel about it now?

This whole adventure began because I wanted to write a C compiler in Go. I wanted to use Chibicc, a tiny C compiler, as a basis since I could start with the first commit and add each feature since each one is a separate commit. However, Chibicc uses ...

What is the Tao of Go, and how can we work with it, like a surfer going with the waves instead of struggling against them? By being kind, simple, humble, and not striving; here’s how.

In this post you'll learn about JavaScript's Execution Context. Along the way, you'll learn other advanced topics like hoisting, the scope chain, and closures.

Blog for DoltHub, a website hosting databases made with Dolt, an open-source version-controlled SQL database with Git-like semantics.

Premise A few months ago I worked with a company which provided fully functional backend for online multiplayer games. As part of their product portfolio, they provided their customers with a cli utility, called ds-uploader (dedicated server uploader). Written in Go, this CLI helped the customer: Process all files and assets in a directory of their choice containing their game server. Synchronize each file to a remote object storage bucket (meaning to upload only files that are new or modified).

JavaScript relies on garbage collection (GC) to reclaim memory.

In this post you'll learn 5 rules for understanding JavaScript's 'this' keyword as well as JavaScript's bind, call, and apply array methods.

In this write-up, we’ll delve into how, through differential fuzzing, we uncovered a bug in Go’s exp/net HTML’s tokenizer. We’ll show potential XSS implications of this flaw. Additionally, we’ll outline how Google assessed this finding within their VRP program and guide how to engage and employ fuzzing to evaluate your software. Introduction Reminisce with me the discussion boards of 2005. Open to all, searchable from every corner, with no account needed to peek in.

Delve into the intricate world of pattern matching and discover its profound impact on code efficiency and expressiveness.

Choosing good test cases for our Go programs can be a bit hit-and-miss. What if we could automate that process? Let’s talk about randomisation, property-based testing, and Go’s built-in fuzz testing feature.

Blog for DoltHub, a website hosting databases made with Dolt, an open-source version-controlled SQL database with Git-like semantics.

I'd like to think that my understanding of 'async Rust' has increased over the past year or so. I'm 100% onboard with the basic principle: I would like to handle thousands of concurrent tasks using...

In this blog post, we look at three ways of processing Arrays: The for-of loop The Array method .reduce() The Array method .flatMap() The goal is to help you choose between these features whenever you need to process Arrays. In case you don’t know .reduce() and .flatMap() yet, they will both be explained to you. In order to get a better feeling for how these three features work, we use each of them to implement the following functionality: Filtering an input Array to produce an output Array Mapping each input Array element to one output Array element Expanding each input Array element to zero or more output Array elements Filter-mapping (filtering and mapping in one step) Computing a summary for an Array Finding an Array element Checking a condition for all Array elements Everything we do is non-destructive: The input Array is never changed. If the output is an Array, it is always freshly created.

Codon lets users run Python code as efficiently as C or C++

What is Stream Processing

A fun and tricky JavaScript quiz

The official site of Zhenghao He, a software engineer and a TypeScript/JavaScript enthusiast.

Learn everything about the new Slog package which brings high-performance structured, and leveled logging to the Go standard library

Error handling is crucial to the longevity of any project. Learn the design pattern I use to handle errors and write cleaner code.

No JavaScript frameworks were created during the writing of this article.

Explore common causes of memory leaks in Go and learn to use Grafana Pyroscope, an open source continuous profiling solution, to find and fix these leaks.

In this article, I will explain how DTOs are used in modern Java applications, ways your application can benefit, and how Java DTOs can help you be more secure by preventing accidental data leaks.

Nowadays, we have reached an era where the most popular startups reach millions of users within less than a year. During my experience as…

Or, speeding up writing binary data in Go by 14x. Code here.