Thank you software developers 600x600

Software developers of the world, thank you.

software software development business

Something dawned on me the other day - something pretty amazing.

So I've been a Software Engineer, Developer - whatever you want to call it, a good chunk of my life. My dad introduced me to coding back in the early 90s, I studied Software Engineering in University, and now I run my own Custom Software shop. So software development has been a big part of my life and I would say I'm pretty proud of where I am.

However, something dawned on me the other day. I've really been standing on the shoulder of giants and what's crazy is - so many of us have.

Let me explain.

If you don't develop software, what you should understand, is that software is built in layers of abstraction. As a developer, you don't need to know how electrons zip back and forth on a computer motherboard because someone built a layer on top of that that abstracts the details away from you. As a developer, you don't need to understand how certain low-level operating system operations work because someone built a layer on top of that.

But it doesn't stop there.

Let's take Ruby on Rails for example. This is my web framework of choice. Because of Ruby on Rails, I don't need to understand when someone types in a URL in their browser, how that sends a request to my code with all the information I need to build a web application. I just use that information and I'm on my way.

But it doesn't stop there.

Many other developers have developed libraries that makes it infinitely easier to send fancy email notifications, create realtime web applications, render fancy charts and more.

And you know what, it doesn't stop there.

This is the thing - as a software developer, you leverage other people's work so much. You use frameworks, libraries, code snippets - you name it. Let's take a closer look.

As an informal, non-scientific experiment, I decided to pick one of BiteSite's biggest projects and I wanted to see how much code was ours and how much wasn't. Remember, this is pretty informal, but it should give you an idea

  • Our code (~4MB)
  • Library & framework code (~527 MB)

(for the technical readers, I took the size of our Ruby on Rails app folder for "Our code" and took the "node_modules" and "gems" folders for "Library and framework code")

That's 0.75% for our code! 99.25% of the code that's being used was written by other developers.

Now this is not super scientific, and granted we're not using every bit of the framework - but it's just a small indication of how much code we're using that we didn't create ourselves. I would also say that this is probably quite typical of most applications.

Aside from the exact percentages, which only represent the code that was written - there's so much research and development that went into creating these libraries and frameworks. Not to mention that a lot of these libraries and frameworks contain the work of some of the best engineers in the world. Think about that.

I can't count the number of times a client has come to me and said "Can you do this?", I say "Probably", Google it and within minutes have an amazing solution because some developer out there coded an amazing library.

And it doesn't stop there.

The benefit goes way beyond making a software developer's life easy or making them look impressive. Because of these libraries and frameworks, the developers using them are able to build incredible apps that are the foundation for amazing businesses and companies that change the world.

And here's the kicker. They do it for free.

That's what really blew my mind as I thought about this more and more. A lot of massive, super successful companies that change the world build their software, their company, their success using free frameworks and libraries.

We have all this amazing technology at our disposal because a huge number of software developers love developing amazing technology, putting it out there, and ask nothing in return.

Don't get me wrong. I know there is sometimes a bigger business motive for some of these libraries and frameworks, but for the most part, I think software developers have developed such an incredible culture of sharing and collaborating for the greater good. I can't think of another industry that does it so well.

I've taken it for granted for so long that so much of what I do and so much of what the tech industry does is based on (and forgive the phrase) the kindness of strangers - the kindness of developers who love their craft and want to share it with the world.

So with that - I think it's time we all thank this incredible group of people who continue to provide answers to our problems, who allow us to build amazing world-changing products and businesses, and who ask for nothing in return.

Thank you to all the incredible software developers out there who have allowed me and so many others to get to where we are.

Caseyli
Casey Li
CEO & Founder, BiteSite
Defaultblog

Raw Body for Stripe Webhooks using Firebase Cloud Functions

coding firebase stripe software development

So today, I was implementing a Stripe Webhook for a Firebase application. The webhook would be implemented as a cloud function and I wanted to implement the code to verify that the request was securely coming from the proper Stripe servers.

The Stripe team has great documentation on how to do this with application like Node and Ruby. It's all documented here.

I was using Javascript in Firebase Cloud Functions so I followed the Node.js example. At one point in the documentation, they talk about verifying the authenticity of the request by calling stripe.webhooks.constructEvent and passing in a secret key, the payload from request.body, and a signature header.

However, every time I tried it, I kept getting an error about the payload not matching the signature. I was even pointed to this documentation that gave me a hint about the using the Raw Data here.

So I tried to JSON.stringify the incoming request body with no luck.

Luckily, shortly after, I realized you can easily get the rawBody contents:

exports.stripeWebhook = functions.https.onRequest((request, response) => {
  const stripeWebhookSecretKey = functions.config().stripe.webhook_secret_key;

  let event;

  ...
  const payloadData = request.rawBody;
  const payloadString = payloadData.toString();
  const webhookStripeSignatureHeader = request.headers['stripe-signature'];

  event = stripe.webhooks.constructEvent(payloadString, webhookStripeSignatureHeader, stripeWebhookSecretKey);
  ...
});

By calling request.rawBody.toString(), you can get exactly what stripe.webhooks.constructEvent needs.

Caseyli
Casey Li
CEO & Founder, BiteSite
Defaultblog

New Modules, Classes, Variables from Gem not loading in my Rails Application

ruby on rails ruby gems software development

So I just spent about 3 to 4 hours trying to debug this problem. Here's the setup

  • We have a Rails application that uses a Gem that we wrote
  • The Gem is pretty simple - a collection of classes that the Rails application can use (https://github.com/bitesite/spire-ruby)
  • Our top level gem file autoloads in files and some are within modules/namespaces

So my main task was adding a new class, within a module and no matter what I did, I would constantly get a 'constant not found' errors or something similar. I would restart my rails console, re-bundle - nothing would work.

At one point, if I manually called 'load' it would work, but not upon the initial load. I found out later that 'spring' was the issue. I'm not sure the specifics, but spring must cache the classes, modules, etc. it uses from gems.

So what's the fix? When adding new classes, modules, and requiring them in your top level my-gem.rb file, be sure to stop spring using

spring stop

so that when you restart your Rails server or console, it properly loads them. This is a super good article to learn the internals of how all this works: https://medium.com/@connorstack/understanding-ruby-load-require-gems-bundler-and-rails-autoloading-from-the-bottom-up-3b422902ca0

Caseyli
Casey Li
CEO & Founder, BiteSite
Defaultblog

Ruby on Rails 6 with JQuery UJS

ajax ruby on rails software development

Alright, like a lot of you, I'm loving that in Rails 6, we're moving all of our Javascript management to Webpacker by default. However, within this transition, we're losing a lot of the automatic functionality that we're used to getting with the asset pipeline. One of the biggest things that doesn't seem to be quite ironed out yet is UJS and specifically with AJAX calls.

In the past, we had both Rails UJS and JQuery UJS to help us automatically append a CSRF token to our non-get AJAX requests to seamlessly use Ajax calls in our Rails applications. However, now with Rails 6, it doesn't seem so easy, nor is it very clear what the correct way to do it is.

I've read a lot of articles suggesting that when going to Rails 6 with Webpacker, to replace calls like $.ajax with Rails.ajax, but I've also read contradictory articles saying that the Rails javascript library is meant as an internal library.

With that in mind, I turned my attention to JQuery UJS and it seems that even including it via Webpack is not super easy in terms of getting it working.

So as it stands now, I don't really see a clear answer on how to properly make AJAX calls in Rails 6.

I did find one article Working with Javascript in Rails, which I definitely trust, but there is one thing they mention at the very end: "When using another library to make Ajax calls, it is necessary to add the security token as a default header for Ajax calls in your library."

So that had me thinking - ok, the proper way to do it is to append the CSRF token to everyone of your AJAX calls in the header if using something like JQuery to make your Ajax calls.

While that may be correct, it seemed tedious, not to mention what UJS seemed to be doing.

So in the end, I decided for now, for Rails 6.0 apps, to just go back to the old way of doing things - let the asset pipeline manage JQuery and JQuery UJS and just let webpacker manage all the other javascript. Hopefully there will be clearer answers in the near future as to how to handle a simple ajax call via Fetch or JQuery that doesn't involve appending something to your header every time.

Alright, so how to restore the asset pipeline way of doing things...

  1. Add the jquery-rails gem to your Gemfile and bundle
  2. Edit your app/assets/config/manifest.js file to include a new javascripts folder

    //= link_tree ../images
    //= link_directory ../stylesheets .css
    //= link_directory ../javascripts .js
    
  3. Create the app/assets/javascripts folder and add a application.js file (just like old times)

  4. Add the following to the newly created application.js file (just like old times)

    //= require jquery
    //= require jquery_ujs
    
  5. As to not conflict with Rails UJS, remove the require("@rails/ujs").start() from the app/javascript/packs/application.js file

  6. Add the old include tag to layout application.html.erb ABOVE any webpack import

    <%= javascript_include_tag 'application' %>
    
  7. Code the rest of your Javascript in Webpacker

Basically what we're doing is we're using Sprockets/Asset Pipeline to set up one global javascript function: JQuery + JQuery UJS. Everything else though, we run through Webpacker.

Essentially - we're going back to Rails 5.1 ways of doing things and the catch was step 2 (restoring the Javascripts folder in the asset pipeline).

All this being said - I would love to hear what other Rails 6+ developers are doing. Are you using fetch? Are you using $.ajax? Are you using Rails.ajax? If so, are you manually appending the CSRF token? As far as I can tell, there's no real accepted way of doing this.

Let me know. Thanks for reading.

Caseyli
Casey Li
CEO & Founder, BiteSite
Defaultblog

Ruby on Rails QuickTip: Wrapping simple chunks of code in a method to give it meaning

ruby ruby on rails software

Let's say you have a model of a User. Let's say that if the user's birth year is 1990 or before, then you can't edit that user's first name. So you might have something like this:

# User Class
class User < ApplicationRecord
end

and you might have something like this

# User controller
class UsersController < ApplicationController
  def edit
    if user.birth_year <= 1990
       # don't allow editing of first name
    end
end

However, I would argue, that even though it's a really simply check, that you should put this in its own method:

# User Class
class User < ApplicationRecord
  def first_name_locked?
    birth_year <= 1990
  end
end
# User controller
class UsersController < ApplicationController
  def edit
    if user.first_name_locked?
       # don't allow editing of first name
    end
end

Very simple implementation and achieves the same result, but here are some advantages

  • The condition is now given meaning so that developers who are using it can understand its intent
  • Any developer reading any code that uses that method will understand more easily what's happening
  • If the business logic changes for locking the first name, you'll have to edit only one piece of code

So even the simplest pieces of code can benefit from wrapping them in a method.

Caseyli
Casey Li
CEO & Founder, BiteSite