Ecosyste.ms: Timeline

Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.

andreyponomarevru

andreyponomarevru created a branch on andreyponomarevru/test-github-actions-repo

main

andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Chat/WebSocket: Don't send `created_at` prop of chat messages from client
Chat (WebSockets) don't send `created_at` prop of chat messages from client, it should be created by backend only otherwise user can fake it.
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Add db tests / redesign the way you seed DB
# Database - to populate db with fake data from `./fake-data`, issue this: ```sql # 3. Seed with testing data # TODO we should not seed db with this data. Remove all this files, # but y...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Add chat comments pagination
**Chat comments pagination**: autoloading of comments on Mixlr is implemented as follows: you scroll 50 messages, than React detects the end of display messages and shows "loading" bar, retrieving ...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Rethink how you implement authoriZation
- the way you've build your authorization is not good; try to decouple everything as much as possible and keep it DRY refer to Fab** code
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Security: Fix frontend auth
**HTTP Auth (cookie session)** Assume the situation: I had flushed my Redis db, deleting all current sessions. What now happens to logged in users? When they type in chat input field and press "S...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Protect the app from DDOS
- **denial of service attack** — implement rate limiting — store everything in Redis - Additionally, to prevent an attacker that did not steal your database from renting a bot net and brute-forc...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Limit user login attempts
- **address guessing attack** AKA **rate-limiting** [Best way to limit (and record) login attempts](https://stackoverflow.com/questions/580534/best-way-to-limit-and-record-login-attempts) (old answ...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Improve db perfomance
- Improve db perfomance (I've already saved these links, you can delete them here): - [PostgreSQL Indexes: First Principles](https://ieftimov.com/post/postgresql-indexes-first-principles/) - [...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Redesign user settings DB tables
- Creating user settings schema - [Dtabase design for user settings](https://stackoverflow.com/questions/10204902/database-design-for-user-settings/10228192) - [Guide to design database for RB...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Improve WebSocket reauthentication
**Sockets and authentication** ([stackoverflow](https://stackoverflow.com/questions/59813719/how-can-i-store-websocket-client-obj-on-redis-database)): When server restart all connected clients will...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Chat/WebSocket: Get old messages when new user connects to chat
**(this feature might be already implemented!)** Chat (WebSockets) **How to get old messages when new user connects to chat?** Store all messages in db and upon new user connection send him JSON ...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Protect you API from spam
Protect you API from spam bots that automatically create empty accounts: * implement reCaptcha for web users (much more important then rate limiting!) * do smth else [How to protect /signup...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Change DB design
In future it is better to extract the `email_confirmation_token` field in database to separate table and add to it `created_at` field. Then you will be able to delete signup email confirmation toke...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Check out what happends when a client is in the process of reseting email and tries to connect over WebSocket
I haven't thought through of what happends when client is in the process of reseting his email and tries to connect over websocket. Maybe everything is fine, you just need to test and diagram possi...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Create separate server on different port for superadmin user management
For superadmin user management create a separate server listening on a different port + allow requests to the VPS server on this port only from specific IPs, etc. (read OWASP "REST API Security Gui...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Add JWT auth for Source client aka Broadcaster (CLI app)
For broadcaster, there should be only JWT auth, because what will happen if I logged in (created session), stream, and at the same time try to log in via UI. The second session will be created or w...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
If cookie is not sent, do not authenticate
Fronted: currently if use is authenticated but browser havent set the cookie (alothough the server set it), the user gets logged in. This leads to errors when this authenticated user sends request ...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Auth: Allow users to ask for resending the signup confiramtion email
Use case: The user has signed up, we sent him email confirmation link, but he lost it. So he want that we resend hi a link. What to do? Currently my app doesn't handle such edge case.
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Rearchitecture/rename SQL tables and REST API endpoints
- **SQL data model (naming tables)/naming things in app/naming api endpoints**: read how mixlr does this - http://help.mixlr.com/en/articles/1075004-recording-your-mixlr-broadcast - http://hel...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Review code for the potential race-conditions
Check all your SQL queries for race conditions — I think you should edit all functions where your have two database calls and refactor them in transaction, because between first and second databate...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Review frontend routing
**Frontend Architecture** If you feel like there are problems with frontend routing you can try to architect it better with these articles - [example of routing with auth](https://stackoverflow.c...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Implement live stream update via WebSocket
**WebSocket Endpoint** — When you started streaming send signal though WS to client to reconnect to `/live` endpoint, thus when you start streaming all clients will get new stream without having to...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-backend
Retry sending sign up email
There can be situations where the user has successfully registered but my email service (Yandex) is down/errors/or doesnt work for some other reason. I need to implement retry function to send conf...
andreyponomarevru opened an issue on andreyponomarevru/livestreamer-source-client
Rename it
Client app naming ideas: * `PocketStreamer` ([reference](https://help.radio.co/en/articles/3462507-pocketstreamer)) * `Livestream Broadcaster` ([reference 1](https://www.amazon.co.uk/Livestream-Br...
Load more