08 Sep 2018
If you’re looking for an easy way to authenticate REST API requests, you’d be in good stead to look at JSON Web Tokens (jwt.io). They are simple and well-supported on many languages and platforms.
They work like this: each URL you want to authenticate has a token added to it which contains
- A JSON dictionary or array containing parameters.
- A metadata dictionary containing expiration date, issue date, and other info.
- An encrypted hash of the parameters + metadata.
You use the hash to verify that the other two sections haven’t been changed in transit. If it matches, you can be assured of the integrity of the data.
The beauty of this process is that you can encrypt the hash using public-private key pairs. You keep the private key secured on your server and push the public key into your iOS, Android, and Web apps. Then the apps can verify that any link they got matches what the server sent. If you have a secure way to get another private key into your clients, then they can encrypt JWT for the server to verify too.
I don’t know about you, but I’ve “invented” several ways to do this over the years before I discovered JWT. Now I’m done making up crazy verification methods and can use the standard. Woot!
If you do decide to use JWT in your apps, I’d like to recommend SwiftyJWT (Cocoapods link). It’s clean, easy, and I just fixed a bug in it so it can now handle both HMAC (symmetric keys) and RSA (asymmetric keys) algorithms for the hash. Using RSA + SwiftyJWT, I’m much less worried about people hacking my API now.
Stay safe!
01 May 2018
I’m proud to announce version 1.1 of Hex Map Maker page, now with new and improved graphics and UX design from the
talented Erika Cary. Go update your app and check it out!
13 Apr 2018
I just have to say, after deciding to make an app for the iOS App Store, the one thing I don’t worry about is how
I’m going to make the 30 different sizes of my app’s icon. That’s because App Icon Maker
is available. It’s free, it’s super easy, it has a good privacy policy, and it’ll take a 1024x1024 icon PNG and
generate all the rest of the sizes from it perfectly.
They are awesome. Go click on one of their ads to help them keep this fantastic service running.
10 Apr 2018
My old CPAN module for automating JIRA workflows too complex even for JIRA’s website, JIRA::Client::Automated, has been updated to version 1.7. The change is minor – fixing a couple of bugs and updating the links to match the new JIRA documentation website. However it’s still a useful module and is being used by several companies to make their JIRA lives easier.
JIRA::Client::Automated on MetaCPAN
06 Apr 2018
When you are taking screenshots of your app to upload to the App Store, be sure you go into the Simulator and turn off “Debug” -> “Optimize Rendering for Window Size”.
What that does is change the pixel size of the image on the screen to match the pixels of the window in which it is displayed. The upside of that is that the simulator renders faster and looks good on the screen. The downside is that when you take a screenshot, it comes out as the wrong size, because it’s a screenshot of the pixels at desktop resolution instead of iOS device resolution. Thus you will get “Screenshots are the wrong size” errors when you try to upload them to the store.