#development

Apis only need to be flexible enough so that the implementor can do some minimal filtering to alleviate payload size

Fair enough

Anything more will be done by them

because in reality I am the only one working on it

null helps where she can

Keep in mind that your API is not meant to be public

and I appreciate it

but shes busy as well most of hte time

😭

So a super efficient design might not be necessary

Oh, so it's private? Even better, just implement what you need

You can optimize as you need

Benchmark for what you expect the use cases to be, if it doesn’t meet your expectations, then you can redesign

My biggest problem is I am overthinking the auth system.

I don't know how to actually implement an auth system

Just use google oauth

Honestly

I've done small ones for public apis to make sure people aren't spamming it

but then I can't verify studentship

Sure you can

How so?

Look for .edu emails

I’m sure there’s a scope to access their email address

do colleges use gmail?

Most of them use username@collegewebsite.edu, either through google or Microsoft

Mostly Microsoft

For ofice365

Obviously just checking for a .edu isn’t foolproof, but it’s a good start

^

Does microsoft have oauth2 capabilities?

Yes absolutely

Wasn't sure because I honestly dont remember sites using microsoft as oauth2

well then I can just use microsoft oauth2

It's a higher chance that colleges will use microsoft than google tbh

since office365 is a thing (as haku pointed out)

And remember if u need me to test it for you I got you

Im just wondering is rust the appropriate language to write the backend in?

Or just implement both, it's an option too

Or is that in itself overkill

I actually have two .edu addresses you can test with

You just need to bind their email to a token

I was going to implement both

but micorosoft first

Aight

since its the most likely

Once one is implemented the other is easier

Oauth2 is a standard, so you'd just flip some addresses

Should I use rust for the backend? Honestly just went with it because it was something new to learn, but idk if its the most appropriate

or is it overkill

rust's web frameworks are kind of spread out and all offer different things

using something like C# that has a fleshed out web framework (ASP.NET) is likely the smarter/safer option right?

Languages are merely a tool

Indeed

If you wish to use a different tool because you feel the current one doesn’t fit, then feel free

But if you keep switching tools you’ll have to learn how to use new tools

yea

I don't know

Rust is a good option imo, but the frameworks themselves are kind of meh

I want to pick something that is right for the job and will be smoother sailing

Well, java?

💀

I really don't want to learn java

I mean, u already know c#, they're the same really

know is a strong word

I know enough to get around

But anything with REST capability will suffice

I honestly just dislike the lack the OOP nature of rust when it comes to a backend api

it has offered many challenges imo

largely due to me not being very familiar with it entirely

Java is hella easy ngl

using it for a backend api tho?

There’s like a grand total of 4 “advanced” things in Java and they’re not important to know for building a rest api

Idk how to do that

There’s a reason Java is one of the biggest languages in the world

im sure its capable to do it

It’s very good at writing REST APIs and backend server applications

I just dont know how

Guides will tell u to use springboot, but I digress, do not

Javalin and vertx are pretty much better in every way possible if u just want a REST framework

Spring comes too bloated and too obscured

Vertx is much more low level, but it's faster

Javalin is more friendly

Both have similar configuration and usage, so u can hop from one another without much fuzz

at this point im down to try anything

because as it stands now i haven't worked on CC in like weeks

https://javalin.io/

https://vertx.io/

Vertx iirc scored 3rd or 4th among all rest frameworks regarding throughput

if I use java tho I really will be working on it alone

Idk how much java null knows

Null? Null just published a java library no?

oh right she is isn't she

Also

Maven or Gradle

When I used java I preferred maven

but idk

Maven for libraries, gradle for projects

But u can use whichever u prefer

They don't matter much, they're just developer preference

For jvm you'll use graalvm, so you can build a native image for the api

graalvm?

Openjdk, openj9, oraclevm, graalvm, etc

They're jvm implementations

ic

how do I install this graalvm

Depends, how do you usually install java?

If u use intellij it'll be one of the options in the dropdown menu, if u use sdkmann u can choose it too

I installed java through homebrew

https://formulae.brew.sh/cask/graalvm-jdk

thanks

ima try and get this working real quick

get a quick api test

https://www.graalvm.org/ in case u need

ty

Out of this two which would you recommend using

I was thinking of using javalin first seeing how it feels

I used both, javalin is easier

Vertx uses a weird pipe-like method of passing requests donwstream, not anything too bad but still a bit odd

Do I need to do anything here

?

Personally I prefer groovy for dsl

But that's just cuz I'm used to it

Just click next

Yes

Oh wait

Yeah go back to jdk 21

It's the lts

bro wtf

Lmao what

Install it through intellij

Since u have it already

Click on the dropdown, then "add version"

?

Tho idk why the brew came damaged

Yes

ok

its doing its thing

macbook sounds like a leaf blower

First run to build the indexes lul

plugins {
    id("java")
}

group = "org.example"
version = "1.0-SNAPSHOT"

repositories {
    mavenCentral()
}

dependencies {
    testImplementation(platform("org.junit:junit-bom:5.10.0"))
    testImplementation("org.junit.jupiter:junit-jupiter")
}

tasks.test {
    useJUnitPlatform()
}

right do i need to do anything here?

You'll add the dependency line to the block at the bottom

Those junit things u can remove tbh, unless u plan on doing unit tests later

If u do remove, then also remove the tasks.test block

gotcha

should i change group at all?

Yes

That'd should be ur domain, reversed

icic

Or anything u feel like putting, it matters mostly if you publish a lib

right so I added that javalin dep

so ima rebuild it

Click the floating elephant

To fetch the deps

Should I del test ?

Yes

If u did delete junit

what is resources

Resources is anything that's not java code

Assets, sql files, keystores, locale, etc

Anything that you feel that should be packed together with the output jar

icic

that's neat

Oh btw, remember never to put code right inside java folder

Always put inside a package with the same name u put in group

com.misty for example

If u put code as direct children to the root it'll be in unnamed package

package io.collegecrafts;

public class Main {
    public static void Main(String[] args)
    {
        System.out.println("Hello, World");
    }
}

is his not a valid java class

I guess lowercase main

yea

intellij recognizes the entrypoint now

12:46:02 AM: Executing ':Main.main()'...

> Task :compileJava
> Task :processResources NO-SOURCE
> Task :classes

> Task :Main.main()
Hello, World

Deprecated Gradle features were used in this build, making it incompatible with Gradle 9.0.

You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.

For more on this, please refer to https://docs.gradle.org/8.5/userguide/command_line_interface.html#sec:command_line_warnings in the Gradle documentation.

BUILD SUCCESSFUL in 8s
2 actionable tasks: 2 executed
12:46:11 AM: Execution finished ':Main.main()'.

Should I be worried about that deprecated thing?

Classes PascalCase, methods/variables camelCase yeah

Well, it's best not to leave it be, but won't break ur project unless you migrate to 9.0 (which isn't a thing yet)

So its not something I can fix rn?

Java libs usually give u a warning looooong before they make a breaking change so u can prepare

The don't just break on a minor release

You can, probably, depends on what the issue is

If you pass --warning-mode all arg to it it'll show u what's the issue

Usually verbose

oh all I did was use the runner in the thing

idk how to run the project without it

U can edit the args for it

Click the 3 dots next to the green button middle top of the ide

But don't bother with it for now, it'll be fine till they release gradle 9

ok

Well

time to try and make a test api

also the docs for javalin look better than 90% of the docs I saw for java libs

Oh btw, I don't remember if it comes by default

But you might need to force intellij to pull javadocs

idea {
    module {
        downloadJavadoc = true
        downloadSources = true
    }
}

Put at the end of the build.gradle file

Then add id('idea') at the top inside plugins block

SLF4J(W): No SLF4J providers were found.
SLF4J(W): Defaulting to no-operation (NOP) logger implementation
SLF4J(W): See https://www.slf4j.org/codes.html#noProviders for further details.

#########################################################################
Javalin: It looks like you don't have a logger in your project.
The easiest way to fix this is to add 'slf4j-simple':

pom.xml:
<dependency>
    <groupId>org.slf4j</groupId>
    <artifactId>slf4j-simple</artifactId>
    <version>2.0.10</version>
</dependency>

build.gradle or build.gradle.kts:
implementation("org.slf4j:slf4j-simple:2.0.10")

this is helpful

That's cuz u don't have any logger implementation

its erroring out

oh ik

U can add the suggestion at the bottom to dependencies

I was saying the error was helpful

If u added the idea plugin then just refresh deps

Cannot access 'downloadJavadoc': it is private in 'IdeaModule'

Hm, are u using kotlin dsl?

yes

you told me to just hit next

Then it's different

Add parentheses to it

I think

add parentheses to what exactly

DownloadJavadocs

And the one below

Idk how it is with kotlin

should I just swap to groovy

Just delete that block and see if ctrl + space has descriptions for autocomplete

If it does then u don't need it

It's cuz sometimes intellij doesn't pull javadocs, so u end up with empty documentation

That block is to force it

idk what im looking at

I pressed ctrl space and a menu came up with a bunch of options

Well, let's not confuse u unnecessarily, delete that block and the plugin at the top

If u ever find yourself missing the description of methods it's cuz it didn't fetch the docs

Then we can act on it

It doesn't happen always

I just don't understand discord...it's almost 3th day when we get timeout because of CF and still nothing clear when we will get access.

Did u keep trying?

No...i just turned everything off since yesterday

How do u know u don't have access?

cause when i try to return something i get "error code: 1015"

What's the error body?

NEAT

It works :)

If it's a ban then it should contain the time left till the restriction is lifted

Atta boy

It doesn't, and looks like no one knows exactly how long it stand.

Lemme check what's that status

Yeah ratelimit

Are u truly sure there's no error body?

When I was ratelimited they did supply the info regarding expiry

Ratelimit it's different, but i have this project for over 6 years

Never got ratelimited, never got CF ban

Ratelimite from cloudflare

Yep, 100% sure

It's what u call cf ban

What endpoint are u using to test? And what method?

It's not a rate limit, cause if you move to another IP you can continue to make request

It's an IP ratelimit

It's bound to ur ip, not account

As it's coming from cf not discord

I guess its time to google what CRUD is

Create read update delete

i did a little trolling (iykyk) and got cf banned

only few hours

https://discord.com/api/v9/guilds/$serverId/emojis

Aka regular rest operations

And how are u checking the body?

https://javalin.io/documentation#access-management this is cool

I'm asking because I'm 100% sure they do send the expiration, it'll tell u how long u need to wait

If anything do a simple me request, it's GET so guaranteed to have a body of some sort

Yep, it's pretty complete for the size

Rest + websockets + auth + anything else

Welp, gtg now, too late already

Cya in 8 hours, gn

gn

ty

Ima try and figure this out now

ty for the help

Right sorry if this is too late, but what postgres lib should I use?

what is faster?

number+""

or

number.toString()

Probably .toString() but the difference is probably too small to matter all that much

@quartz kindle get to work

frfr

.toString seems to be 40% faster but my benchmark might be wrong

it's roughly like this

> number + ""
1 examine the type of expr for implicit cast
2 convert number -> string (.toString())
3 add string + ""

> number.toString()
1 convert number -> string (.toString())

2 instructions less

tip: do not rely on implicit cast (what if future runtimes throws an error on mismatched types?)

and if you want to join multiple strings together, if space allows, use template literals

`... And here the number ${number}`;

I'm back

Depends

For my api I use raw sql requests through jdbc

But with hikari as the connection pooler

Java has jpa too, but depending on your usecase it might be too much overhead for little advantage

It's an orm

(Waking up for a brief second) Yea I installed that jdbc library, I am just not certain im using it correctly since the docs on it are quite wierd. Also is it pooling by default or nah?

jdbc by default is single connection

ic

I mean, not even by default, it must be

I will have to check out pooling at a later date, for now its fine

as jdbc is a direct driver, nothing in-between

ic

So if I wanted pooling I would have to do that myself or use another library?

you can do either, I prefer to let a lib handle that as there's too many little details that matter

I know pooling is something I will need at a later date

luckily for u java has standards, so as long as u have a connector class, you dont need to change anything outside of it

but idk if its worth swapping to another lib now or waiting

all connection poolers are required to give your a Connection instance

which is what u use already

icic

so its hardly any change for me

I think for now to avoid any confusion Ima just stick with it how it is now

package io.collegecrafts;

import java.io.IOException;
import java.io.InputStream;
import java.util.Properties;

public class DatabaseConfig {
    private static final Properties properties = new Properties();

    static {
        try (InputStream input = DatabaseConfig.class.getClassLoader().getResourceAsStream("db.properties")){
            if (input == null)
            {
                System.out.println("Sorry, unable to find db.properties");
                System.exit(1);
            }

            properties.load(input);
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    public static String getDbUrl() {
        return properties.getProperty("db.url");
    }

    public static String getDbUsername() {
        return properties.getProperty("db.username");
    }

    public static String getDbPassword() {
        return properties.getProperty("db.password");
    }
}

idk if this is appropriate tho

its something some tutorial told me to do

fuck, discord hates intellij indent

sec, I'll format it

package com.kuuhaku.controller;

import com.kuuhaku.Main;
import com.zaxxer.hikari.HikariDataSource;

import java.sql.Connection;
import java.sql.SQLException;

public abstract class Manager {
    private static final String SERVER_IP = System.getenv("SERVER_IP");
    private static final String DB_NAME = System.getenv("DB_NAME");
    private static final String DB_LOGIN = System.getenv("DB_LOGIN");
    private static final String DB_PASS = System.getenv("DB_PASS");

    private static final HikariDataSource ds = new HikariDataSource();

    static {
        ds.setDriverClassName("org.postgresql.Driver");
        ds.setJdbcUrl("jdbc:postgresql://%s/%s?currentSchema=shiro&sslmode=require&useEncoding=true&characterEncoding=UTF-8".formatted(
            SERVER_IP, DB_NAME
        ));
        ds.setUsername(DB_LOGIN);
        ds.setPassword(DB_PASS);
        ds.setMaximumPoolSize(20);

        String db = DAO.queryNative(String.class, "SELECT current_database()");
        String schema = DAO.queryNative(String.class, "SELECT current_schema()");
        Main.LOGGER.info("Connected to database {}, schema {} successfully", db, schema);
    }

    public static Connection getConnection() throws SQLException {
        return ds.getConnection();
    }

    public static long ping() {
        long curr = System.currentTimeMillis();

        DAO.queryUnmapped("SELECT 1");

        return System.currentTimeMillis() - curr;
    }
}

removed the license header so I can send it as a message

basically all I do to get a connection instance is call Manager.getConnection()

if I ever wanted to change pooling lib, it'd be a change only on that class

the rest of the code will still use whatever connection I return there

thats smart

dont worry abt the long af string, that's just me passing query params to the connection

tho I do recommend using them too, it's mostly to make sure all goes well

especially the encoding ones

you set the url twice?

oh

must've cloned it during paste

also nevermind the DAO calls, that's my data access class, I've abstracted much of the sql handling

I bring that class with me on whatever project I work on if it uses a database

lol

well I appreciate the information!

Ima head back to bed tho im tired

just remember to ALWAYS use the connection like this ```java
try (var conn = Manager.getConnection()) {
...use it here
}

this ensures whatever happens it'll close the connection

ok :)

gn

lmao

there should be zero difference because the compiler should optimize both to the same thing

i remember at some point Number(str) was fast but String(num) was slow af for some reason

but i think they fixed that already

function a(n) { return n.toString(); } a(1);
   25 S> 0000037EC4D18190 @    0 : 2f 03 00 00       GetNamedProperty a0, [0], [0]
         0000037EC4D18194 @    4 : c9                Star0
   25 E> 0000037EC4D18195 @    5 : 60 f9 03 02       CallProperty0 r0, a0, [2]
   36 S> 0000037EC4D18199 @    9 : ae                Return

function a(n) { return n+''; } a(1);
   16 S> 00000185EB598190 @    0 : 13 00             LdaConstant [0]
   24 E> 00000185EB598192 @    2 : 3b 03 00          Add a0, [0]
   28 S> 00000185EB598195 @    5 : ae                Return

function a(n) { return ''+n; } a(1);
   16 S> 0000015A25718190 @    0 : 13 00             LdaConstant [0]
         0000015A25718192 @    2 : c9                Star0
         0000015A25718193 @    3 : 0b 03             Ldar a0
   25 E> 0000015A25718195 @    5 : 3b f9 00          Add r0, [0]
   28 S> 0000015A25718198 @    8 : ae                Return

function a(n) { return `${n}`; } a(1);
   16 S> 00000257F63D8178 @    0 : 0b 03             Ldar a0
         00000257F63D817A @    2 : 7b                ToString
   30 S> 00000257F63D817B @    3 : ae                Return

function a(n) { return String(n); } a(1);
   16 S> 0000019055E98190 @    0 : 21 00 00          LdaGlobal [0], [0]
         0000019055E98193 @    3 : c9                Star0
   23 E> 0000019055E98194 @    4 : 65 f9 03 02       CallUndefinedReceiver1 r0, a0, [2]
   33 S> 0000019055E98198 @    8 : ae                Return
``` @frosty gale@civic scroll@compact pier

thanks

What in the ungodly hell

I did not wake up again for this shit

https://media.discordapp.net/attachments/636954306360246272/1216844876969283634/RDT_20240214_2303274268395095701388742.gif

v8 ir

tbh we dont know the performance characteristics of these instructions so its not guaranteed that less instructions = faster

if you can expand it more

if only i'm not lazy to go through v8 code

i wouldnt understand v8 code if i went through it

:^)

:^)

:^)

yea uhm dont do it yourself

unless you want to

which you can totally do

I just don't like doing oauth without help in rust

if you want something quick and easy use that

if not 100% do it yourself, its just a slightly more challenging thing to do

depending on the lib you use ofc for the web framework

how do you even disassemble js code

very carefully

--print-bytecode --print-bytecode-filter=fnname

there is also --print-code which is much more detailed but has no filter function, so it dumps the entire node runtime

would be cool if you could write js bytecode by hand and then run it

you basically got yourself java but the light version

wait till u find out about java native images

wtf

abstraction exists for a reason

you are defeating it

sayu sayu, good thing ur here

I need your css witchcraft, how should I approach on making a pure html/css carousel?

I'm used to making animated things, but never did something interactable

hand writing bytecode sounds like hell tho lmao

also js bytecode is not standarized, its v8 specific internals and they change instruction names and shit between versions

an acquaintance of mine wants to get a new laptop, she's interested in a used 2021 macbook pro for 600 bucks she saw in a shop

she wants me to remote access it and download pirated adobe software on it, while she is in their shop, to make sure it works before she buys it

lmao

minecraft modders: "we can mixin"

lmao

that's fairly easy, you just need to use topgg webhook

https://docs.top.gg/docs/Resources/webhooks

do like the example shows

for node.js / javascript:

ما هاذا

يسطا اقولو انا ؟ @earnest phoenix

You need to make it

How Can he make it

There is example

Also He want when someone make a vote to the bot the bot give him money such as froz

@deft wolf

يسطا ادية السكربت وقولو يعملة لينا

in your top.gg bot edit page

@earnest phoenix يسطا فية Webhooks في الاختيارات عندك شوف

خد ليهم سكرين

authorization = you invent one, like a password, you create

webhook url = your bot hosting ip and port

Which is the important form them

@quartz kindle

lol

webhook url = bot hosting ip address and port number

where is your bot hosted?

like server, vps

Bot Hosting

hosting name?

bot-hosting

i can't write it as link

.net?

yea

How he can get the port and a ip address

and Auth

You make up the auth

dj-9awdnasipdnai[0qjwnamipdna

could be your auth

i will use the same js engine

just make it something not too predictable, as this is the only thing you can use to check if the request is indeed coming from topgg

yes

Now how can he connect the script with the top.gg web

webhook url = de1.bot-hosting.net:20677/webhook
(port number correct?)

احم

انا غلطان اني بساعد

yes

auth = abc
Webhook("abc")

wtf

i just noticed there are no line breaks in discord code blocks anymore (or whatever its called)

Its anything you want, just like coming up with a password for an account. You decide what it should be

any

example: hahahamyauth123

Looks like you're just putting your URL as your auth. Which isn't secure.

.post(
   "/webhook",
   ...

no ...

was only example

yes its ok

what about port 3000?

this authorization yes?

their hosting assigns them a port

ah nvm

mb

u right

yes

no

webhook url = de1.bot-hosting.net:20677/webhook

example:
Authorization = hahaha123

new Topgg.Webhook("hahaha123");

yes

bot index.js?

click save, then click send test

see bot logs/console

clicked send test?

console.log(vote)

restart bot

send test

yes

Authorization doesn't need to be an url

But you must not show it like that, as anyone with it can send fake requests to your endpoint

Meaning people can get infinite votes by just sending simple requests

So change it, and don't show anyone

see logs again

i make test vote

good

work

click topgg send test again

topgg broken

haha

click save, reload page, click send test again

Is it really expect or except?

Its possible it has to do with the auth. Its uncommon but I've seen a special character break things.

excepto patronum

show topgg auth

it works tho, i send him a post request myself

Send tests works for me

I did write the request handler myself tho

Eh, passing the error as a param makes it look like ur expecting that value (the error msg)

No I'm not, don't want to get tetanus tyvm

hmmm, is ok

try change authorization

The auth isnt the issue.
Just checked

then what is

is it failing on topgg's side?

my test work

but topgg test not work

If your test is working, it wouldnt make sense this is the problem.

https://wiki.bot-hosting.net/guides/linking-a-domain-to-your-server

I'm honestly not sure

topgg broken

:^)

its ok, try real vote, not test

ah one more thing

try add http://

http://de1.bot-hosting.net:20667/webhook

test

lmao you're sending him too?

Nope

Taking lunch

I meant they work for my bot

who is sending him tim321 then lmao

Woo manifest yourself

I'm not sending request 😄

lmao

then i dont know, topgg bad

try reload topgg and send test again

maybe test in different browser

i dont know

try with real vote

send your bot page, i can try vote

console log?

Show code again?

can you check if his topgg settings are correct on your side?

Mods cant see webhook settings.

rip

Privacy and security :/

We hate security

the only thing i can think of is that his topgg settings are either wrong or not saved correctly

show topgg settings again

I could add the settings to my test bot page and send a test vote.

sure

Any chance domain they're using is reverse proxied?

IE its https

No derp

This would still work either way

Log worked?

i tested, https returns ssl error

on that domain

show?

show log

So, my test vote didnt work

woo will make a test

This feels like a top.gg issue

^

it worked

show your topgg webhook settings

ah

Figured it out? 👀

yes

20677

lol

Well, good stuff tim

actually it was my fault, i scrolled back up and it was my typo and he copied that

good

it works now

😄

hahaha

example for DM

client.users.cache.get(vote.user).send("you got 100 coins")

for coins, what database you use?

then maybe database[vote.user].coins += 100 ?

show your code

index.js

yes

pastebin

ok

Got a minute @quartz kindle ?

I'm still not sure how I want to handle a queue/ratelimit system for Discord webhooks.

I cant really use Bull or other queue systems because their queues an overall queue. I'd have to make a bull queue for each webhook ID.

a set for each webhook request

redisClient.sadd(`queued_webhooks:${webhookId}`, `webhookRequest:webhookv1:${entity.entity_id}:${user.user_id}`);

Then the ratelimit data like this

redisClient.hset(`rate_limit_data:${id}`, {
    limit,
    remaining,
    reset,
  });

I'm not sure if any of that makes sense 👀
The actual webhook data is in its own hash(webhookRequest:webhookv1:${entity.entity_id}:${user.user_id})

put webhook code in the end of index.js

client.once('ready', () => {
    console.log('Bot is ready!');
});

app.post(
   "/webhook",
  webhook.listener(async (vote) => {
    const userId = vote.user;
    const user = client.users.cache.get(userId);
    const reward = 100;

    if(!balances.has(userId)) {
      balances.set(userId, 0);
    }
    balances.set(userId, balances.get(userId) + reward);
    saveBalances();
    
    // send message
    await user.send("you got 100 coins");
  })
);

app.listen(20677);

sorry, not sure what exactly you're asking

you add requests into a redis queue right?

then somewhere you consume them while checking rate limits

the id for the rate limit should be webhookid+webhooktoken+bucketid

since if any of those 3 components change, the ratelimits are different

as far as i understand

I did not know redis queue was a thing 😄

redis has a lot of things, including pub sub event messages and stuff

I'm not really sure if token or bucket will matter.

Webhook tokens cant change, and the bucket wont be known until after the request anyway.
I doubt ignoring either will really matter, if they do change it just means I'm going a bit slower than the ratelimit and shouldnt harm anything.

yeah most likely

im a teapot best http message

the dm message? no

you can make ```js
.send(you got ${reward} coins);

is automatic yes

balance code

@lyric mountain where and what should I put my db creds in? A guide told me a .properties file but idk

I also assume the resources folder

what work? make test vote and see balance

I put them in env var

but u can put on .properties too, tbh anything will do, that file shouldn't be uploaded with ur project anyway

icic

and where should I put it?

resources?

or outside of the src

wherever you'll start your api

like, I like to use a bash script to execute the code

arent I building a native image?

export SOME_VAR='value'

./gradlew run

so dont I need it to be bundled with it?

then i can System.getenv("SOME_VAR")

no, it shouldn't

that file should only exist on your machine

in a way that, even if someone got your project sources, they cant get the values

like .env

what exactly do you mean by native image with graalvm?

like a .exe or a unix executable?

graalvm can compile a jar down to a literal executable

yes

right

it can AOT compile

so if I use a .env or .properties file

how does it still know what values to use?

ig the easiest thing to use would be .env

if u use System.getenv(), it'll get from the environment variables

as idk how it'd find the .properties file

if you use anything else, u can grab a file from within runtime normally like any other lang

./.properties for example

would get a file named .properties on the same folder

ic

only put inside resources what you want to bundle with the jar

u dont want to bundle ur credentials

So what if I don't want want to use a shell script to run my project

I want to just use a .env file

will it be able to find those values or do I have to load them somehow

kind of like what dotenv does in nodejs / rust

if it didn't work show errors you got or something

saying "not work" doesn't help the person helping you

why are you pinging them repeatedly

yes

u can get a file with new File("./path/to/file")

./ prefix means same folder as the jar/binary

ye

just make sure to check if the file exists, in case u forgor

logs? errors? show code

var file = new File("./path/to/file");
if (!file.exists() || file.isDirectory()) {
  System.out.println("File doesn't exist or is a folder");
  System.exit(1);
}

also refrain from using system.out

use the logger instead

right

but how does this help with a .env file

yes, u can Files.readAllLines(file)

doesnt this defeat the purpose of a .env file

I thought the entire point was to load it to the env and get it with System.getenv

the purpose of it is to have your credentials outside your code

getenv gets from environment variable

not from a .env file

.env is supposed to be for your env variables though no?

only in node

thats dumb

in java we use the actual environment variables

tho u can ofc use it too, java can parse properties files (which is the format .env uses)

var env = new Properties();
try (var stream = Files.newInputStream(Path.of("./path/to/file"))) {
  env.load(stream);
}

then u can env.getProperty("key")

put the try so u dont leave the stream open

package io.collegecrafts;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.IOException;
import java.io.InputStream;
import java.util.Properties;

public class DatabaseConfig {
    private static final Properties properties = new Properties();
    private static final Logger log = LoggerFactory.getLogger(DatabaseConfig.class);

    static {
        try (InputStream input = DatabaseConfig.class.getClassLoader().getResourceAsStream("db.properties")){
            if (input == null)
            {
                log.error("Could not find properties file");
                System.exit(1);
            }

            properties.load(input);
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    public static String getDbIp() {
        return properties.getProperty("db.ip");
    }

    public static String getDbUsername() {
        return properties.getProperty("db.username");
    }

    public static String getDbPassword() {
        return properties.getProperty("db.password");
    }
}
```?

hey guys, i have around 8tb worth of html data of various different sites. Does anyone know any type of anaylsis i can perform on it? I am not that creative

Uhm

dont?

u cant use getResourceAsStream if said file isn't in resources folder

it's for a project, i have to

and you cant put your credentials inside it

I mean, u can, but then if anyone sees your project they'll have the credentials

just replace that with Files.newInputStream(Path.of("the path here"))

icic

and if I do ./db.properties then it'd look in the root dir? because thats where the image eventually gets built too right or at least I can put it there after its built

it'll look at where the executable is

folder
  L executable
  L db.properties

icic ty

idk how ima test this rn tho

because its not going to exist in that path if I run it through intelliJ

its going to look in the dir where DatabaseConfig class is right?

Its probably better to use an absolute path when testing right?

and when I go to build the image I can just change it

you can use relative paths during testing, the "this folder" will be project root

how so?

new File("build.gradle") for example would get you the buildscript if running from gradlew

because it's in project root

ic

so if I use gradlew I can get anything from the root dir?

no, I think ur misunderstanding things

I most certainly am

when you run the project through gradlew, your execution path will be the gradlew script itself

right

when you execute the jar, the execution path will be the jar

as in, the file jar

yes

so I did understand

if I execute it with gradlew then where gradlew is becomes the CWD

yes

filepaths in java are relative to where u entered

yea

except if you use a leading prefix

/home for example would give u the home folder, not a folder named home

no prefix or ./ prefix = relative path
/ prefix = absolute path

just like regular paths

actually I think this is the same for every lang

yea

lol

haha you ran into those already

nice

Right so a lifetime is basically something that tells the compiler how long something will live

struct Wrapper<'a> {
  reference: &'a String,
}

fn thing<'a>(input: &'a String) -> Wrapper<'a> {
  Wrapper { reference: input }
}

Take this for example

What you are telling the compiler is that input will live as long as Wrapper does is that

and since Wrapper is a return from a function, it will live as long as whatever is calling it

So if you call thing inside your main function, it will live as long as the scope of the main function

np

The reasns lifetimes exist is becaus the compiler doesn't always know how long something will survive for

what language is this?

rust

https://tenor.com/view/old-vintage-salvage-classic-classic-cars-gif-10123571552524924650

this one

do discord webhooks automatically get crossposted if sent into an announcements channel

I think you need to publish them

At least that's how it works on the Discord Developers server for example

ugh

why isnt there an option to auto crosspost smh

It would be a nice option, that's for sure

hi code bears

i currently have a button

and a popup/tooltip, which the button toggles

i'm currently struggling with properly determining when it should close

useOnClickOutside from usehooks

callback runs whenever anything but the tooltip was clicked (so if the button gets clicked, this gets called)

and the button onclick

now the issue is, if I want to close by pressing the button, useOnClickOutside gets activated and says nty, im undoing it

i could use useDebounceCallback but this adds a delay that I prefer to not have

can i get your theme pls

atom one dark (thanks for helping ❤️)

9/10 theme, very distinct colors and everything's obvious
background colors bit bright though 💔

@id:akamud.vscode-theme-onedark

@lyric mountain

package io.collegecrafts;

import com.zaxxer.hikari.HikariDataSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.sql.Connection;
import java.sql.SQLException;

public class Database {
    private static final String DB_IP = DatabaseConfig.getDbIp();
    private static final String DB_USER = DatabaseConfig.getDbUsername();
    private static final String DB_PASS = DatabaseConfig.getDbPassword();

    private static final HikariDataSource ds = new HikariDataSource();
    private static final Logger log = LoggerFactory.getLogger(Database.class);

    static {
        ds.setDriverClassName("org.postgresql.Driver");
        ds.setJdbcUrl("jdbc:postgres://%s/collegecrafts".formatted(DB_IP));
        ds.setUsername(DB_USER);
        ds.setPassword(DB_PASS);
        ds.setMaximumPoolSize(20);
        log.info("Connected to collegecrafts successfully.");
    }

    public static Connection getConnection() throws SQLException {
        return ds.getConnection();
    }
}

So I kind of went along with what you did, but correct me if im wrong, that static won't run unless I call on a method of the class right or am I wrong?

Also, is it okay to do private static final Logger log = ...

or should i have 1 central logger

static initializer will run the moment you first reference the class

like importing it

so that could be importing it into my main file

yep, you're supposed to

yes, it's basically a way to ensure whatever is there is ran before the class becomes usable

a global constructor basically

icic

interesting

now how exactly do you use gradlew

is it just ./gradlew?

or do you need to pass args

Thank youuu (I am sorry, i am not proficient in react)

What exactly is ./gradlew run?

its not a pre-defined task is it?

if you have plugin('application') you can run it

basically u make the project runnable through gradle

in fact u can check what u can do on the right panel

Okay guys i think i finally got an idea. What would you guys think, is it complex enough?
So, on the 8tb of html data i want to filter it by crypto related content. Then i want to do a word occurence type of thing where i set apart documents per cryptocoin that are about scam related news.
Next off, from those batches i have created, i want to hash each cryptocoin to the same k-bit vector space to eventually reduce the amount of similarity functions i need to compute.
Once that's done, i will go over the reduced batches and simply compute the cosine similiarity.
Now i have successfully 1. found the cryptocoins that are most error prone, and found which things frequently go wrong (by the similarity matching i performed).

Parallelism will be hella hard but i think that i can use spark for that

Ah okay thanks :)

Is this normal?

it shows 75% executing

I also don't see anything about my database

For some reason it doesn't seem to want to connect to the db

do I have to make a call to getConnection for the db to actually connect?

has anyone ever worked with googleapis for google documents?

I can successfully create the documents but it ffs always returns me this when i go to view it:
ain't there a way to make it publicily availabe

or is that not possible

You shouldn't store access tokens in cookies

use a session system to store the access token with the session in db

1. User logs in with oauth2 provider
2. You get an access token & refresh token.
3. Store a session id in a cookie (this id will be tied to a session in the database)
4. Store this session ID in the database along with that access token & refresh token

Any subsequent requests you will fetch the session table to see if they have a session with that session id in the cookie

If so grab the access token and use it

Also note, store an expired bool alongside sessions. When your access token expires and you have to refresh it, generate a new session with updated creds, and set the expired field on the old session to true

That way you can keep track of any bad actors trying to spam your api with old session ids ( as its in a cookie people can steal them )

logs, code...

more information please

poor tim

isnt this the same guy for the past 2 days?

yea

sqlx is nice :)

right so I am looking at this microsoft oauth2 shit and I am wondering, wtf am I doing with my life rn 😭

the docs are all over the place

yes

but also no

like, if you're using jdbc then yes, it'll only connect if you get a connection

if you're using a pool then it'll just take one from the pool, favoring idle connections over creating a new one

yea

Im just trying to figure out the best way to initalize the connection

should I just wait until an endpoint that needs it is visited

or should I do it as soon as the app starts?

public class Main {
    private static final Logger log = LoggerFactory.getLogger(Main.class);

    public static void main(String[] args) throws SQLException {
        Database.getConnection();

        var app = Javalin.create()
                .get("/auth/login", new Login())
                .start(7070);
    }
}

this is what im doing rn

but this seems wrong somehow

never leave connections open

always use it like this ```java
try (var conn = Database.getConnection()) {
...use conn
}

Well then how do I start it off so that way it actually connects because as it stands now it won't unless I do something.

I guess I should just call getConnection when I need it

yes

getConnection will return u a connection

u dont need to "start" the database first

Also, do you advise I make DAO classes?

well, I only ever make 1 DAO class, which is very generic and not really a technical DAO

Well I likely would for what im building

At least I think anyways

It would save me a lot of headache

for APIs it aint worth making models or DAOs for every single thing

as they'll likely be very simple queries

and mostly read

not even for an e-commerce/marketplace api?

I mean, u can if u want make models for each entity like products

or stuff that might need a lot of processing

processing as in?

input checking for example

tho even then it all depends

sometimes u can achieve it easily with raw sql

I see

Alrighty :)

btw should I use oauth2 libraries at all

or just handle it all myself

I handle it myself, for discord at least

but u can use one

microsoft wants PCKE stuff and idrk how to do that myself

doesn't javalin have it built-in already?

maybe

doesn't look like it

unless im missing it

my biggest thing is

idrk how to handle code challenges

well

I understand I have to generate some random thing and then hash it based on the method specified e.g sha256 in this case

u a lib then in this case

but from there no idea

What libs are there?

the biggest one i see is Springboot Security Oauth2

but idk if I should use anything springboot with this

springboot would conflict with javalin

yuh

https://oauth.net/code/java/

pac4j has a javalin module iirc

https://github.com/pac4j/javalin-pac4j

oh it does!

sweet

Ty :)

out of all the clients it doesn't have a microsoft client

oh well

ill have to use the generic clients

Unless Windows Live is the one I need

but I thought they discontinued windows live

oh wait im looking at hte wrong thing

microsoft uses oidc

right so i'd use transactions btw

let mut transaction = YourConnectionVariable.begin().await.unwrap() // handle the result accordingly

let _ = query!("ALTER TABLE table DROP COLUMN email")
.execute(&mut *transaction)
.await
.unwrap() // Once again handle it however you want

transaction.commit().await.unwrap() // Again handle it however you want

Any time you are inserting, updating, deleting or altering a table use transactions

that way if something happens before the commit is called no changes are made

well no

transactions are just a way to handle things in case errors occur during it

Its not directly tied to migrations

if you aren't using transactions yes it will hard fail

and sometimes it might do stuff but fail at a certain point

depends on the query(ies) you are running

think of transactions like git

its version control in a way

If you are changing a table e.g deleting a record, inserting one or altering the columns you want to preserve that version until there are no errors right?

nah

you can do it all in one transaction

basically

Begin Transaction

Create table

Edit Table

Insert

Delete (fails)

Commit Transaction

Since the delete failed before commit was called

everything fails and nothing gets pushed to the db

preserving its state

It will only commit if there are no errors

no problem

Also

If you ever get bored of doing raw sql all the time there is an orm you can use (for future reference)

It's called diesel

yup

idk how it works tbh

because it doesn't need you to pass the connection along your functions at all

it's able to reuse the connection

so, using only css, is it possible to make something rotate from 360deg to 0deg without doing a whole rotation?

wdym a whole rotation?

Going from 360 to 0 would be a whole rotatio no?

chat what distro should i install on my laptop chat

yes, that's what I'm trying to avoid

as in, rotate to nearest, not a literal 360 rotation

no, cant use js

My brain is not computing on how to go to 0 without doing a rotation to 0

if counter() worked with calc I could just add degrees, instead of setting angle

but it doesn't

for example, if you're at 359 and move to next item, you'd expect to move 1 degree, not do a full 360

I just realized I can't test my oauth2 impl

why?

I don't have an organization account

😭

Gotta wait for waffle to come online

I theoretically have it implemented

did u do it with pac4j 🐗?

yes

how was it?

whats the boar emote for

you calling me a pig

javali is boar in portuguese

okay wait

no im wrong

I didn't implement this correctly at all

😭

I forgot im not using the client

Right so I have the client but wtf do they want me to do with it

https://www.pac4j.org/docs/clients/openid-connect.html the docs on what to do after you have the client are missing

you do whatever you'd do with the token

yea but how the heck do I get this token

at that point the auth2 transaction is complete

getProfileCreator() is your token

I think

see

i have no way of testing

😭

How does it know to redirect the user to the microsoft ad login page

cant u create a testing account on microsoft?

not an organization one

i'd need to pay for that

like, how else would devs implement oauth2 then?

they need a testing account

Well thats the thing

microsoft wont let me choose personal accounts for oauth2

or else I can do that

it has to be an organization account

I guess they assume you to be part of an organization

well

you can implement google meanwhile, until you get some account to be able to test with

should be the same thing for both

yea

How am I going to handle multiple oauth on my backend tho?

would it be like
example.com/auth/login/google & example.com/auth/callback/google
and same for azure?

I think so, oauth2 is a standard

they all have to use the same procedures

yea but I mean

on my backend is that how I should differentiate

because I will have to use separate clients

I am responding to a MODAL_SUBMIT with a DEFERRED_CHANNEL_MESSAGE_WITH_SOURCE and then posting a following up message, but i get a 400 error. this is my first time setting up a response to a modal submit so i dont know what i'm doing.

anything special you need to do to follow up a modal submit?

it gets the DEFERRED_CHANNEL_MESSAGE_WITH_SOURCE response and waits

oh wait

it needs to be an array

fuck java!!! atwood's law 4 life!!! ❤️❤️ 🤩

sea going hard

javascript jit? soon to be aot!!

Question, is it just normal oauth2?

As in is there special endpoints to use for edu accounts or whatever

I believe so

oauth2 is oauth2

well yea I meant I didn't know if google did weird shit

Bro even setting up oauth2 with google is annoying

anything thats unique enough

At the end of the day it doesn't matter what the session id is

just has to be unique

ngl

pac4j can suck my nuts

This shit is so confusing

the docs for it are TERRIBLE

I am having to read source code to figure out what to use

not to mention the examples are kinda shite as well

yknow what why don't I just use the dedicated libraries for this

ok I'm stuck at trying to find a formula

lets say you have current_index and many elements with a property index (constant for each item)

I need the value to be 1 if both values are equal, 0 otherwise

index can be bigger than current_index, and vice-versa

f(x,y) = (x - y) / (x - y) could work, if not for the zero division

Actually, I can use max for the division

Nvm, i can't

Anything dealing with 0 is going to be a hard one to solve tbh

Oh wait, found an answer, pretty stupid tbh

f(x,y) = min((x - y) * (x - y), 1)

Multiplication is to make the value unsigned

If it's 0, then it'll return zero, else it'll return 1

Nice!

Also, haku, ngl thinking of not using java this stuff blows with oauth2

I would have to do it myself, which is fine, but java is also the langauge I know the least and im not comfortable with it at all