This is part two in a series of posts. For the introduction post on how to do it all with a NuGet package, see asp.net two factor auth with google authenticator app. This article is about how to implement it manually and how it works behind the scenes. A lot of this code is based on an article by Jerrie Pelser titled Using google authenticator with asp.net identity.
If you already have an application that is utilising ASP.NET's identity service, you can made a few modifictions to include the Two Factor authentication code.
To show how this can be done, first off create a new ASP.NET application, choose "MVC", and set authentication to "Individual User Accounts". In this example we are creating a new application for managing our own movie DVD collection, so we will name it MovieManager.Read More ->
So you want to add two factor authentication to your site?
If you are adding two-factor authentication to an existing site or codebase, I would suggest that you start by creating a brand new project and adding the already-prepared NuGet package that I have prepared. This will ...
Read More ->
@voiceofapollo Volunteer organization of security geeks. Not a lot of designers among us. Still, you are right.— Bill Sempf (@sempf) January 20, 2016
Read More ->
The last couple of months we have made some nice progress on our app. It's got a cool name, "Local Linguist", and it's had a facelift and a workover by some UI guys:
Each screen is much simplier and it will also include a section for listening to audio and providing a translation in your own language.
There's also a great interview with Katrina Langford, the "change maker" (eg, product owner) for the application. I could point out that so far we've won the Rhok Hackathon ahem *twice* but there's not a lot of point other than boasting, the value is in the results, not the kudos awarded on the way - though that definitely helps keep the motivation going, we're all human after all.
Plus here is a photo of the LocalLinguist team at the recent hackathon winning the trophy!! I'm not in the photo, I wasn't there on the day, but I've somewhat contributed to the project! But even still, great job guys.
While I'm here I might as well briefly mention that I recently gave a talk on "How to change things at your company" at DDD night, which was great fun. Here's a blurry photo of me doing my thing:
You might have read the story how Carlo lost $6,500 thanks to a bug in
Visual Studio GitHub's plugin.
It turns out that the issue was caused by a checkbox not working.
So what was the problem? The issue was that it's super-easy to accidently completely break a WPF control when you're just trying to change it's color. Why? Because if you want to change it, you have to completely override the entire control. So you end up having to copy and paste the code for the entire control, and then change what you need. So to fix the issue for Carlo they had to fetch the right control template code and then put it back in. But really, that's just a bandaid over a much, much more complicated problem.
I came across this problem in 2014 and suggested a (horrible) workaround. As you can see it's not simple, but it's better than nothing.
Today I came across a brilliant explanation of c#'s await keyword. I've been trying to figure it out for a couple of weeks now and every time I read it the explanation gets too complicated too quickly. The essential problem is as follows:
And therein lies the confusion.
(BTW I'm not sure which genius came up with this. Probably the same person who came up with "Visual Studio Online" - because.. you know.. it's not actually an online version of visual studio.)
So anyway marking a method as async doesn't make it asynchronous. What the heck does it do?
Huh? Well, normally each request in IIS takes up a thread. While IIS has a bewildering number of performance tuning options it essentially has a fixed number of threads available to process simultaneous requests. Each request uses a thread. So normally, the maximum number of simultaneous requests possible comes down to the maximum number of threads. So, if suddenly 1000 users hit your app at the same time, the 1001st user's request is going to be put into a queue, and they will have to wait. Now if your queue size is say 5000, and you then suddenly get 5000 more users h...
Read More ->
Two weeks ago I spoke at the DDD Melbourne conference on the topic "How to be the best developer in the world". The talk went ok, and so I have turned it into an epic blog post:
To kick off this blog, I think that I need to state the following:I am not the best developer in the world.
I know a lot of the things that you need to learn in order to become a great developer, but just knowing these things doesn’t make it happen. Head knowledge is good, but that’s the easy part. Putting it all into practice… that’s what’s difficult. I'm still a work in progress!
So in order to become the best developer in the world you're going to have to ask yourself a pretty serious question:
"what level am I at?"
To work this out, you might compare yourself to a couple of job ads. If you start poking around the internet for software developer jobs, you’ll find things like this:
Notice how they advertise "3 years XP"? Unlike other crafts, software development does not have a well-defined methodology for working out how good a programmer is. All we go by is “years of experience” which is a pretty bad methodology - you can sit on your bum for five years, not learn anything, and you're suddenly a mid-level developer. It doesn't really mean anything. Instead of years of experience, what we need to know is competency.
Have you seen the programmers competency matrix? It's a great list, but I feel like it's missing a bunch of things.
Read More ->
Next weekend I'll be talking at DDD Melbourne on "How to be the best programmer in the word". This will be my first full length talk at a conference so I'm excited, nervous and happy all at the same time!
Trying to cover such a massive topic in 45 minutes is quite ambitious... to say the least. Obviously I won't be able to cover anything in any substantial detail, but I can hopefully point some people towards the right direction in where their next steps should be to improve their skills.
In the spirit of trying to be as organised as possible here's all of the links that I will mention in my talk:
And the most ...
Read More ->