Friday, June 30, 2017

What Photographers Need to Know About Light: Transmission

Faster Logins With Password AutoFill in iOS 11

Hand Lettering: Scripts, Swirls, & Flourishes

Creating a Blogging App Using React, Part 2: User Sign-Up

Creating a Blogging App Using React, Part 2: User Sign-Up

In the first part of this tutorial series, you saw how to implement the sign-in functionality. In this part, you'll learn how to implement the sign-up functionality and modify the sign-in functionality to check for valid users from MongoDB.

Getting Started

Let's get started by cloning the source code from the first part of the tutorial.

Once the directory has been cloned, navigate to the project directory and install the required dependencies.

Start the Node.js server and you will have the application running at http://localhost:7777/index.html#/.

Setting Up the Back End

For this application, you'll be using MongoDB as the back end. Follow the instructions in the MongoDB official documentation to install MongoDB on Ubuntu. Once you have MongoDB installed, you'll need a connector to connect MongoDB and Node.js. Install the MongoDB Node.js driver using the Node Package Manager (or npm):

Once you have the driver installed, you should be able to require the driver in the application.

Create a file called user.js where you'll keep the user-related stuff. Inside the user.js file, require the MongoDB client-related dependencies.

You'll be using a library called assert to check the returned response. Include assert in the user.js file.

Let's name our database Blog in MongoDB, so our database URL is as shown:

Inside the user.js file, create and export a function called signup

Using the MongoDB client, try to connect to the database. Once connected, you'll log the connected message in the terminal.

Setting Up the Sign-Up Event

Once you have set up the MongoDB back end, let's implement the sign-up event. Inside the main.jsx page, include the on-change event for the name, email and password input text boxes in the signup class.

Bind the above event changes in the class constructor.

Define the state variables inside the signup class constructor.

Define the signup method inside the signup class. Inside the signup method, using the axios library, make a post method call to the signup method in the user.js file. 

Inside the signup function in the user.js file, you'll implement the database insert.

Add the /signup request handler in the app.js file as shown to handle the sign-up click event. Inside the /signup request handler function, make a call to the user.signup method.

Require the user.js file inside the app.js file.

Save the above changes and restart the server. Point your browser to http://localhost:7777/index.html#/signup and you should have the sign-up page. Click on the Sign Up button and you will have the connected message in the terminal.

Save User Details in MongoDB

To save user details in the Blog database, you'll create a collection called user. Inside the user collection, you'll keep all the user details such as name, email address, and password. The MongoClient.connect returns a db parameter using which you can insert an entry in the user collection. 

You'll make use of the insertOne method to insert a single record in the user collection. Modify the code in the signup method in user.js as shown below:

Here is the complete user.js code:

Modify the /signup request handler in the app.js file to pass in the name, email and password to the user.js signup method.

Save the above changes and restart the server. Point your browser to http://localhost:7777/index.html#/signup. Fill the user sign-up details and click the sign-up button. You will have the Saved the user sign up details. message in the server terminal. Log in to the MongoDB shell and check the user collection in the Blog database. To find the user details, enter the following command in the MongoDB shell:

The above command will display the user details in JSON format.

Implementing User Sign-In Check

In the first part of the tutorial, you hard-coded the user sign-in check since the user sign-up hasn't been implemented. Let's modify the hard-coded sign-in check and look into the MongoDB database for valid user sign-ins.

Create a function called validateSignIn in the user.js file. 

Inside the validateSignIn function, using the MongoDB client you'll connect to the Blog database and query the user table for a user with the specified username and password. You'll make use of the findOne method to query the user collection.

Check the returned result for null in case the entry is not found. 

As seen in the above code, if no entry is found, false is returned in the callback. If an entry is found, true is returned in the callback.

Here is the complete validateSignIn method:

In the /signin method in the app.js file, you'll make a call to the validateSignIn method. In the callback function, you'll check for the response. If true, it will indicate a valid sign-in, else an invalid sign-in. Here is how it looks:

Save the above changes and restart the server. Point your browser to http://localhost:7777/index.html#/. Enter a valid username and password and you will have a success message logged in the browser console. On entering an invalid username and password, it would display an error message.

Wrapping It Up

In this part of the tutorial, you saw how to implement the user sign-up process. You saw how to create the sign-up view and pass the data from the React user interface to Node.js and then save it in the MongoDB. You also modified the user sign-in functionality to check for valid user sign-in from the MongoDB database.

In the next part of the tutorial, you'll implement the add post and display post page functionality.

Source code from this tutorial is available on GitHub.

Do let us know your thoughts or any suggestions in the comments below.


Best of the Design Web: June 2017

How to Create an Editable Animated RGB Glitch Effect in Adobe Photoshop

Wednesday, June 28, 2017

Adding Physics-Based Animations to Android Apps

How to Create a Watercolor Mermaid Illustration in Adobe Illustrator

How to Make More Profit From Your Passive Income Sources

BigCommerce vs Shopify: How to Choose the Best Online Store Software

How to Print With Gridlines in Excel in 60 Seconds

Create Stunning "Iron Man" Fan Art From Scratch in Photoshop

Build an Onboarding Tour Using JavaScript in Our New Course

7 Best Weather WordPress Widgets & Plugins

Best WordPress Magazine Themes for Blog and News Websites

How to Draw a Dragon Step by Step

How to Use Cars to Add Motion to Your Video Documentary

Friday, June 23, 2017

Securing iOS Data at Rest: Encryption

Securing iOS Data at Rest: Encryption

In this post, we'll look at advanced uses of encryption for user data in iOS apps. We'll start with a high-level look at AES encryption, and then go on to look at some examples of how to implement AES encryption in Swift.

In the last post, you learned how to store data using the keychain, which is good for small pieces of information such as keys, passwords, and certificates. 

  • iOS SDK
    Securing iOS Data at Rest: The Keychain
    Collin Stuart

If you are storing a large amount of custom data that you want to be available only after the user or device authenticates, then it's better to encrypt the data using an encryption framework. For example, you may have an app that can archive private chat messages saved by the user or private photos taken by the user, or which can store the user's financial details. In these cases, you would probably want to use encryption.

There are two common flows in applications for encrypting and decrypting data from iOS apps. Either the user is presented with a password screen, or the application is authenticated with a server which returns a key to decrypt the data. 

It's never a good idea to reinvent the wheel when it comes to encryption. Therefore, we are going to use the AES standard provided by the iOS Common Crypto library.

AES

AES is a standard that encrypts data given a key. The same key used to encrypt the data is used to decrypt the data. There are different key sizes, and AES256 (256 bits) is the preferred length to be used with sensitive data.

RNCryptor is a popular encryption wrapper for iOS that supports AES. RNCryptor is a great choice because it gets you up and running very quickly without having to worry about the underlying details. It is also open source so that security researchers can analyze and audit the code.  

On the other hand, if your app deals with very sensitive information and you think your application will be targeted and cracked, you may want to write your own solution. The reason for this is that when many apps use the same code, it can make the hacker's job easier, allowing them to write a cracking app that finds common patterns in the code and applies patches to them. 

Keep in mind, though, that writing your own solution only slows down an attacker and prevents automated attacks. The protection you are getting from your own implementation is that a hacker will need to spend time and dedication on cracking your app alone. 

Whether you choose a third-party solution or choose to roll your own, it's important to be knowledgeable about how encryption systems work. That way, you can decide if a particular framework you want to use is really secure. Therefore, the rest of this tutorial will focus on writing your own custom solution. With the knowledge you'll learn from this tutorial, you'll be able to tell if you're using a particular framework securely. 

We'll start with the creation of a secret key that will be used to encrypt your data.

Create a Key

A very common error in AES encryption is to use a user's password directly as the encryption key. What if the user decides to use a common or weak password? How do we force users to use a key that is random and strong enough (has enough entropy) for encryption and then have them remember it? 

The solution is key stretching. Key stretching derives a key from a password by hashing it many times over with a salt. The salt is just a sequence of random data, and it is a common mistake to omit this salt—the salt gives the key its vitally important entropy, and without the salt, the same key would be derived if the same password was used by someone else.

Without the salt, a dictionary of words could be used to deduce common keys, which could then be used to attack user data. This is called a "dictionary attack". Tables with common keys that correspond to unsalted passwords are used for this purpose. They're called "rainbow tables".

Another pitfall when creating a salt is to use a random number generating function that was not designed for security. An example is the rand() function in C, which can be accessed from Swift. This output can end up being very predictable! 

To create a secure salt,  we will use the function SecRandomCopyBytes to create cryptographically secure random bytes—which is to say, numbers that are difficult to predict. 

To use the code, you'll need to add the following into your bridging header:
#import <CommonCrypto/CommonCrypto.h>

Here is the start of the code that creates a salt. We will add to this code as we go along:

Now we are ready to do key stretching. Fortunately, we already have a function at our disposal to do the actual stretching: the Password-Based Key Derivation Function (PBKDF2). PBKDF2 performs a function many times over to derive the key; increasing the number of iterations expands the time it would take to operate on a set of keys during a brute force attack. It is recommended to use PBKDF2 to generate your key.

Server-Side Key

You may be wondering now about the cases where you don't want to require users to provide a password within your app. Perhaps they are already authenticating with a single sign-on scheme. In this case, have your server generate an AES 256-bit (32 byte) key using a secure generator. The key should be different for different users or devices. On authenticating with your server, you can pass the server a device or user ID over a secure connection, and it can send the corresponding key back. 

This scheme has a major difference. If the key is coming from the server, the entity that controls that server has the capacity to be able to read the encrypted data if the device or data were ever obtained. There is also the potential for the key to be leaked or exposed at a later time. 

On the other hand, if the key is derived from something only the user knows—the user's password—then only the user can decrypt that data. If you are protecting information such as private financial data, only the user should be able to unlock the data. If that information is known to the entity anyway, it may be acceptable to have the server unlock the content via a server-side key.

Modes and IVs

Now that we have a key, let's encrypt some data. There are different modes of encryption, but we'll be using the recommended mode: cipher block chaining (CBC). This operates on our data one block at a time. 

A common pitfall with CBC is the fact that each next unencrypted block of data is XOR’d with the previous encrypted block to make the encryption stronger. The problem here is that the first block is never as unique as all the others. If a message to be encrypted were to start off the same as another message to be encrypted, the beginning encrypted output would be the same, and that would give an attacker a clue to figuring out what the message might be. 

To get around this potential weakness, we'll start the data to be saved with what is called an initialization vector (IV): a block of random bytes. The IV will be XOR’d with the first block of user data, and since each block depends on all blocks processed up until that point, it will ensure that the entire message will be uniquely encrypted, even if it has the same data as another message. In other words, identical messages encrypted with the same key will not produce identical results. So while salts and IVs are considered public, they should not be sequential or reused. 

We will use the same secure SecRandomCopyBytes function to create the IV.

Putting It All Together

To complete our example, we'll use the CCCrypt function with either kCCEncrypt or kCCDecrypt. Because we are using a block cipher, if the message doesn’t fit nicely into a multiple of the block size, we will need to tell the function to automatically add padding to the end. 

As usual in encryption, it is best to follow established standards. In this case, the standard PKCS7 defines how to pad the data. We tell our encryption function to use this standard by supplying the KCCOptionPKCS7Padding option. Putting it all together, here is the full code to encrypt and decrypt a string.

And here is the decryption code:

Finally, here is a test to ensure that data is decrypted correctly after encryption:

In our example, we package all the necessary information and return it as a Dictionary so that all the pieces can later be used to successfully decrypt the data. You only need to store the IV and salt, either in the keychain or on your server.

Conclusion

This completes the three-part series on securing data at rest. We have seen how to properly store passwords, sensitive pieces of information, and large amounts of user data. These techniques are the baseline for protecting stored user information in your app.

It is a huge risk when a user's device is lost or stolen, especially with recent exploits to gain access to a locked device. While many system vulnerabilities are patched with a software update, the device itself is only as secure as the user's passcode and version of iOS. Therefore it is up to the developer of each app to provide strong protection of sensitive data being stored. 

All of the topics covered so far make use of Apple's frameworks. I will leave an idea with you to think about. What happens when Apple's encryption library gets attacked? 

When one commonly used security architecture is compromised, all of the apps that rely on it are also compromised. Any of iOS's dynamically linked libraries, especially on jailbroken devices, can be patched and swapped with malicious ones. 

However, a static library that is bundled with the binary of your app is protected from this kind of attack because if you try and patch it, you end up changing the app binary. This will break the code signature of the app, preventing it from being launched. If you imported and used, for example, OpenSSL for your encryption, your app would not be vulnerable to a widespread Apple API attack. You can compile OpenSSL yourself and statically link it into your app.

So there is always more to learn, and the future of app security on iOS is always evolving. The iOS security architecture even now supports cryptographic devices and smart cards! In closing, you now know the best practices for securing data at rest, so it's up to you to follow them!

In the meantime, check out some of our other content about iOS app development and app security.

  • Security
    How to Hack Your Own App
    Tanya Janca
  • iOS
    Go Further With Swift: Animation, Networking, and Custom Controls
    Markus Mühlberger
  • Swift
    Swift From Scratch: Delegation and Properties
    Bart Jacobs

Envato Tuts+ Community Challenge: Created by You, June 2017 Edition

How to Plan an Effective Small Business Growth Strategy

How to Work With Elixir Comprehensions

How to Work With Elixir Comprehensions

Elixir is a very young programming language (emerged in 2011), but it is gaining popularity. I was initially interested in this language because when using it you can look at some common tasks programmers usually solve from a different angle. For instance, you can find out how to iterate over collections without the for cycle, or how to organize your code without classes.

Elixir has some very interesting and powerful features that may be hard to get your head around if you came from the OOP world. However, after some time it all starts to make sense, and you see how expressive the functional code can be. Comprehensions are one such feature, and this article I will explain how to work with them.

Comprehensions and Mapping

Generally speaking, a list comprehension is a special construct that allows you to create a new list based on existing ones. This concept is found in languages like Haskell and Clojure. Erlang also presents it and, therefore, Elixir has comprehensions as well.

You might ask how comprehensions are different from the map/2 function, which also takes a collection and produces a new one? That would be a fair question! Well, in the simplest case, comprehensions do pretty much the same thing. Take a look at this example:

Here I am simply taking a list with three numbers and producing a new list with all the numbers multiplied by 2. The map call can be further simplified as Enum.map( &(&1 * 2) ).

The do_something/1 function can now be rewritten using a comprehension:

This is what a basic comprehension looks like and, in my opinion, the code is a bit more elegant than in the first example. Here, once again, we take each element from the list and multiply it by 2. The el <- list part is called a generator, and it explains how exactly you wish to extract the values from your collection.

Note that we are not forced to pass a list to the do_something/1 function—the code will work with anything that is enumerable:

In this example, I am passing a range as an argument.

Comprehensions work with binstrings as well. The syntax is slightly different as you need to enclose your generator with << and >>. Let's demonstrate this by crafting a very simple function to "decipher" a string protected with a Caesar cipher. The idea is simple: we replace each letter in the word with a letter a fixed number of positions down the alphabet. I'll shift by 1 position for simplicity:

This is looking pretty much the same as the previous example except for the << and >> parts. We take a code of each character in a string, decrement it by one, and construct a string back. So the ciphered message was "elixir"!

But still, there is more than that. Another useful feature of comprehensions is the ability to filter out some elements.

Comprehensions and Filtering

Let's further extend our initial example. I am going to pass a range of integers from 1 to 20, take only the elements that are even, and multiply them by 2:

Here I had to require the Integer module to be able to use the is_even/1 macro. Also, I am using Stream to optimize the code a bit and prevent the iteration from being performed twice.

Now let's rewrite this example with a comprehension again:

So, as you see, for can accept an optional filter to skip some elements from the collection.

You are not limited to only one filter, so the following code is legit as well:

It will take all even numbers less than 10. Just don't forget to delimit filters with commas.

The filters will be evaluated for each element of the collection, and if evaluation returns true, the block is executed. Otherwise, a new element is taken. What's interesting is that generators can also be used to filter out elements by using when:

This is very similar to what we do when writing guard clauses:

Comprehensions With Multiple Collections

Now suppose we have not one but two collections at once, and we'd like to produce a new collection. For example, take all even numbers from the first collection and odd from the second one, and then multiply them:

This example illustrates that comprehensions may work with more than one collection at once. The first even number from collection1 will be taken and multiplied by each odd number from collection2. Next, the second even integer from collection1 will be taken and multiplied, and so on. The result will be: 

What's more, the resulting values are not required to be integers. For instance, you may return a tuple containing integers from the first and the second collections:

Comprehensions With the "Into" Option

Up to this point, the final result of our comprehension was always a list. This is, actually, not mandatory either. You can specify an into parameter that accepts a collection to contain the resulting value. 

This parameter accepts any structure that implements the Collectable protocol, so for example we may generate a map like this:

Here I simply said into: Map.new, which can be also replaced with into: %{}. By returning the {el1, el2} tuple, we basically set the first element as a key and the second as the value.

This example is not particularly useful, however, so let's generate a map with a number as a key and its square as a value:

In this example I am using Erlang's :math module directly, as, after all, all modules' names are atoms. Now you can easily find the square for any number from 1 to 20.

Comprehensions and Pattern Matching

The last thing to mention is that you can perform pattern matching in comprehensions as well. In some cases it may come in pretty handy.

Suppose we have a map containing employees' names and their raw salaries:

I want to generate a new map where the names are downcased and converted to atoms, and salaries are calculated using a tax rate:

In this example we define a module attribute @tax with an arbitrary number. Then I deconstruct the data in the comprehension using {name, salary} <- collection. Lastly, format the name and calculate the salary as needed, and store the result in the new map. Quite simple yet expressive.

Conclusion

In this article we have seen how to use Elixir comprehensions. You may need some time to get accustomed to them. This construct is really neat and in some situations can fit in much better than functions like map and filter. You can find some more examples in Elixir's official docs and the getting started guide.

Hopefully, you've found this tutorial useful and interesting! Thank you for staying with me, and see you soon.


How to Create 'Eid Mubarak' Money Cards for Kids in Adobe Illustrator

Thursday, June 22, 2017

38 Stylish Flyer Templates

Creating a Grocery List Manager Using Angular, Part 2: Managing Items

How to Quickly Change Themes For Google Slides (Download & Import)

How to Manipulate Colors in JavaScript Using Chroma.js

Using Celery With Django for Background Task Processing

Using Celery With Django for Background Task Processing

Web applications usually start out simple but can become quite complex, and most of them quickly exceed the responsibility of only responding to HTTP requests.

When that happens, one must make a distinction between what has to happen instantly (usually in the HTTP request lifecycle) and what can happen eventually. Why is that? Well, because when your application becomes overloaded with traffic, simple things like this make the difference. 

Operations in a web application can be classified as critical or request-time operations and background tasks, the ones that happen outside request time. These map to the ones described above: 

  • needs to happen instantly: request-time operations
  • needs to happen eventually: background tasks

Request-time operations can be done on a single request/response cycle without worrying that the operation will time out or that the user might have a bad experience. Common examples include CRUD (Create, Read, Update, Delete) database operations and user management (Login/Logout routines).

Background tasks are different as they are usually quite time-consuming and are prone to failure, mostly due to external dependencies. Some common scenarios among complex web applications include:

  • sending confirmation or activity emails
  • daily crawling and scraping some information from various sources and storing them
  • performing data analysis
  • deleting unneeded resources
  • exporting documents/photos in various formats

Background tasks are the main focus of this tutorial. The most common programming pattern used for this scenario is the Producer Consumer Architecture. 

In simple terms, this architecture can be described like this: 

  • Producers create data or tasks.
  • Tasks are put into a queue that is referred to as the task queue. 
  • Consumers are responsible for consuming the data or running the tasks. 

Usually, the consumers retrieve tasks from the queue in a first-in-first-out (FIFO) fashion or according to their priorities. The consumers are also referred to as workers, and that is the term we will be using throughout, as it is consistent with the terminology used by the technologies discussed.

What kind of tasks can be processed in the background? Tasks that:

  • are not essential for the basic functionality of the web application
  • can't be run in the request/response cycle since they are slow (I/O intensive, etc.)
  • depend on external resources that might not be available or not behave as expected
  • might need to be retried at least once
  • have to be executed on a schedule

Celery is the de facto choice for doing background task processing in the Python/Django ecosystem. It has a simple and clear API, and it integrates beautifully with Django. It supports various technologies for the task queue and various paradigms for the workers.

In this tutorial, we're going to create a Django toy web application (dealing with real-world scenarios) that uses background task processing.

Setting Things Up

Assuming you are already familiar with Python package management and virtual environments, let's install Django:

I've decided to build yet another blogging application. The focus of the application will be on simplicity. A user can simply create an account and without too much fuss can create a post and publish it to the platform. 

Set up the quick_publisher Django project:

Let's get the app started:

When starting a new Django project, I like to create a main application that contains, among other things, a custom user model. More often than not, I encounter limitations of the default Django User model. Having a custom User model gives us the benefit of flexibility.

Make sure to check out the Django documentation if you are not familiar with how custom user models work.

Now we need to tell Django to use this User model instead of the default one. Add this line to the quick_publisher/settings.py file:

We also need to add the main application to the INSTALLED_APPS list in the quick_publisher/settings.py file. We can now create the migrations, apply them, and create a superuser to be able to log in to the Django admin panel:

Let's now create a separate Django application that's responsible for posts:

Let's define a simple Post model in publisher/models.py:

Hooking the Post model with the Django admin is done in the publisher/admin.py file like this:

Finally, let's hook the publisher application with our project by adding it to the INSTALLED_APPS list.

We can now run the server and head over to http://localhost:8000/admin/ and create our first posts so that we have something to play with:

I trust you've done your homework and you've created the posts. 

Let's move on. The next obvious step is to create a way to view the published posts. 

Let's associate our new view with an URL in: quick_publisher/urls.py

Finally, let's create the template that renders the post in: publisher/templates/post.html

We can now head to http://localhost:8000/the-slug-of-the-post-you-created/ in the browser. It's not exactly a miracle of web design, but making good-looking posts is beyond the scope of this tutorial.

Sending Confirmation Emails

Here's the classic scenario:

  • You create an account on a platform.
  • You provide an email address to be uniquely identified on the platform.
  • The platform checks you are indeed the owner of the email address by sending an email with a confirmation link.
  • Until you perform the verification, you are not able to (fully) use the platform.

Let's add an is_verified flag and the verification_uuid on the User model:

Let's use this occasion to add the User model to the admin:

Let's make the changes reflect in the database:

We now need to write a piece of code that sends an email when a user instance is created. This is what Django signals are for, and this is a perfect occasion to touch this subject. 

Signals are fired before/after certain events occur in the application. We can define callback functions that are triggered automatically when the signals are fired. To make a callback trigger, we must first connect it to a signal.

We're going to create a callback that will be triggered after a User model has been created. We'll add this code after the User model definition in: main/models.py

What we've done here is we've defined a user_post_save function and connected it to the post_save signal (one that is triggered after a model has been saved) sent by the User model.

Django doesn't just send emails out on its own; it needs to be tied to an email service. For the sake of simplicity, you can add your Gmail credentials in quick_publisher/settings.py, or you can add your favourite email provider. 

Here's what Gmail configuration looks like:

To test things out, go into the admin panel and create a new user with a valid email address you can quickly check. If all went well, you'll receive an email with a verification link. The verification routine is not ready yet. 

Here's how to verify the account:

Hook the views up in: quick_publisher/urls.py

Also, remember to create a home.html file under main/templates/home.html. It will be rendered by the home view.

Try to run the entire scenario all over again. If all is well, you'll receive an email with a valid verification URL. If you'll follow the URL and then check in the admin, you can see how the account has been verified.

Sending Emails Asynchronously

Here's the problem with what we've done so far. You might have noticed that creating a user is a bit slow. That's because Django sends the verification email inside the request time. 

This is how it works: we send the user data to the Django application. The application creates a User model and then creates a connection to Gmail (or another service you selected). Django waits for the response, and only then does it return a response to our browser. 

Here is where Celery comes in. First, make sure it is installed:

We now need to create a Celery application in our Django application:

Celery is a task queue. It receives tasks from our Django application, and it will run them in the background. Celery needs to be paired with other services that act as brokers. 

Brokers intermediate the sending of messages between the web application and Celery. In this tutorial, we'll be using Redis. Redis is easy to install, and we can easily get started with it without too much fuss.

You can install Redis by following the instructions on the Redis Quick Start page. You'll need to install the Redis Python library, pip install redis, and the bundle necessary for using Redis and Celery: pip install celery[redis].

Start the Redis server in a separate console like this: $ redis-server

Let's add the Celery/Redis related configs into quick_publisher/settings.py:

Before anything can be run in Celery, it must be declared as a task. 

Here's how to do this:

What we've done here is this: we moved the sending verification email functionality in another file called tasks.py

A few notes:

  • The name of the file is important. Celery goes through all the apps in INSTALLED_APPS and registers the tasks in tasks.py files.
  • Notice how we decorated the send_verification_email function with @app.task. This tells Celery this is a task that will be run in the task queue.
  • Notice how we expect as argument user_id rather than a User object. This is because we might have trouble serializing complex objects when sending the tasks to Celery. It's best to keep them simple.

Going back to main/models.py, the signal code turns into:

Notice how we call the .delay method on the task object. This means we're sending the task off to Celery and we don't wait for the result. If we used send_verification_email(instance.pk) instead, we would still be sending it to Celery, but would be waiting for the task to finish, which is not what we want.

Before you start creating a new user, there's a catch. Celery is a service, and we need to start it. Open a new console, make sure you activate the appropriate virtualenv, and navigate to the project folder.

This starts four Celery process workers. Yes, now you can finally go and create another user. Notice how there's no delay, and make sure to watch the logs in the Celery console and see if the tasks are properly executed. This should look something like this:

Periodic Tasks With Celery

Here's another common scenario. Most mature web applications send their users lifecycle emails in order to keep them engaged. Some common examples of lifecycle emails:

  • monthly reports
  • activity notifications (likes, friendship requests, etc.)
  • reminders to accomplish certain actions ("Don't forget to activate your account")

Here's what we're going to do in our app. We're going to count how many times every post has been viewed and send a daily report to the author. Once every single day, we're going to go through all the users, fetch their posts, and send an email with a table containing the posts and view counts.

Let's change the Post model so that we can accommodate the view counts scenario.

As always, when we change a model, we need to migrate the database:

Let's also modify the view_post Django view to count views:

It would be useful to display the view_count in the template. Add this <p>Viewed times</p> somewhere inside the publisher/templates/post.html file. Do a few views on a post now and see how the counter increases.

Let's create a Celery task. Since it is about posts, I'm going to place it in publisher/tasks.py:

Every time you make changes to the Celery tasks, remember to restart the Celery process. Celery needs to discover and reload tasks. Before creating a periodic task, we should test this out in the Django shell to make sure everything works as intended:

Hopefully, you received a nifty little report in your email. 

Let's now create a periodic task. Open up quick_publisher/celery.py and register the periodic tasks:

So far, we created a schedule that would run the task publisher.tasks.send_view_count_report every minute as indicated by the crontab() notation. You can also specify various Celery Crontab schedules

Open up another console, activate the appropriate environment, and start the Celery Beat service. 

The Beat service's job is to push tasks in Celery according to the schedule. Take into account that the schedule makes the send_view_count_report task run every minute according to the setup. It's good for testing but not recommended for a real-world web application.

Making Tasks More Reliable

Tasks are often used to perform unreliable operations, operations that depend on external resources or that can easily fail due to various reasons. Here's a guideline for making them more reliable:

  • Make tasks idempotent. An idempotent task is a task that, if stopped midway, doesn't change the state of the system in any way. The task either makes full changes to the system or none at all.
  • Retry the tasks. If the task fails, it's a good idea to try it again and again until it's executed successfully. You can do this in Celery with Celery Retry. One other interesting thing to look at is the Exponential Backoff algorithm. This could come in handy when thinking about limiting unnecessary load on the server from retried tasks.

Conclusions

I hope this has been an interesting tutorial for you and a good introduction to using Celery with Django. 

Here are a few conclusions we can draw:

  • It's good practice to keep unreliable and time-consuming tasks outside the request time.
  • Long-running tasks should be executed in the background by worker processes (or other paradigms).
  • Background tasks can be used for various tasks that are not critical for the basic functioning of the application.
  • Celery can also handle periodic tasks using the celery beat service.
  • Tasks can be more reliable if made idempotent and retried (maybe using exponential backoff).

How to Create a Shadow Conceptual Photo Manipulation With Adobe Photoshop

A Photographer's Guide to Contrast

Wednesday, June 21, 2017

How to Create a Stylish Accessories Icon Pack in Adobe Illustrator

Android Design Patterns: The Observer Pattern

Android Design Patterns: The Observer Pattern

What Is the Observer Pattern?

The Observer Pattern is a software design pattern that establishes a one-to-many dependency between objects. Anytime the state of one of the objects (the "subject" or "observable") changes, all of the other objects ("observers") that depend on it are notified.

Let's use the example of users that have subscribed to receive offers from Envato Market via email. The users in this case are observers. Anytime there is an offer from Envato Market, they get notified about it via email. Each user can then either buy into the offer or decide that they might not be really interested in it at that moment. A user (an observer) can also subscribe to receive offers from another e-commerce marketplace if they want and might later completely unsubscribe from receiving offers from any of them. 

This pattern is very similar to the Publish-Subscribe pattern. The subject or observable publishes out a notification to the dependent observers without even knowing how many observers have subscribed to it, or who they are—the observable only knows that they should implement an interface (we'll get to that shortly), without worrying about what action the observers might perform.

Benefits of the Observer Pattern

  • The subject knows little about its observers. The only thing it knows is that the observers implement or agree to a certain contract or interface. 
  • Subjects can be reused without involving their observers, and the same goes for observers too.
  • No modification is done to the subject to accommodate a new observer. The new observer just needs to implement an interface that the subject is aware of and then register to the subject.  
  • An observer can be registered to more than one subject it's registered to.

All these benefits give you loose coupling between modules in your code, which enables you to build a flexible design for your application. In the rest of this post, we'll look at how to create our own Observer pattern implementation, and we'll also use the built-in Java Observer/Observable API as well as looking into third-party libraries that can offer such functionality. 

Building Our Own Observer Pattern

1. Create the Subject Interface

We start by defining an interface that subjects (observables) will implement.

In the code above, we created a Java Interface with three methods. The first method registerObserver(), as it says, will register an observer of type RepositoryObserver (we'll create that interface shortly) to the subject. removeObserver() will be called to remove an observer that wants to stop getting notifications from the subject, and finally, notifyObserver() will send a broadcast to all observers whenever there is a change. Now, let's create a concrete subject class that will implement the subject interface we have created:

The class above implements the Subject interface. We have an ArrayList that holds the observers and then creates it in the private constructor. An observer registers by being added to the ArrayList and likewise, unregisters by being removed from the  ArrayList

Note that we are simulating a network request to retrieve the new data. Once the setUserData() method is called and given the new value for the full name and age, we call the notifyObservers() method which, as it says, notifies or sends a broadcast to all registered observers about the new data change. The new values for the full name and age are also passed along. This subject can have multiple observers but, in this tutorial, we'll create just one observer. But first, let's create the observer interface. 

2. Create the Observer Interface

In the code above, we created the observer interface which concrete observers should implement. This allows our code to be more flexible because we are coding to an interface instead of a concrete implementation. A concrete Subject class does not need to be aware of the many concrete observers it may have; all it knows about them is that they implement the RepositoryObserver interface. 

Let's now create a concrete class that implements this interface.

The first thing to notice in the code above is that UserProfileActivity implements the RepositoryObserver interface—so it must implement the method onUserDataChanged(). In the onCreate() method of the Activity, we got an instance of the UserDataRepository which we then initialized and finally registered this observer to. 

In the onDestroy() method, we want to stop getting notifications, so we unregister from receiving notifications. 

In the onUserDataChanged() method, we want to update the TextView widgets—mTextViewUserFullName and mTextViewUserAge—with the new set of data values.  

Right now we just have one observer class, but it's possible and easy for us to create other classes that want to be observers of the UserDataRepository class. For example, we could easily have a SettingsActivity that wants to also be notified about the user data changes by becoming an observer. 

Push and Pull Models

In the example above, we are using the push model of the observer pattern. In this model, the subject notifies the observers about the change by passing along the data that changed. But in the pull model, the subject will still notify the observers, but it does not actually pass the data that changed. The observers then pull the data they need once they receive the notification. 

Utilising Java's Built-In Observer API

So far, we have created our own Observer pattern implementation, but Java has built-in Observer / Observable support in its API. In this section, we are going to use this. This API simplifies some of the implementation, as you'll see. 

1. Create the Observable

Our UserDataRepository—which is our subject or observable—will now extend the java.util.Observable superclass to become an Observable. This is a class that wants to be observed by one or more observers. 

Now that we have refactored our UserDataRepository class to use the Java Observable API, let's see what has changed compared to the previous version. The first thing to notice is that we are extending a super class (this means that this class can't extend any other class) and not implementing an interface as we did in the previous section. 

We are no longer holding an ArrayList of observers; this is handled in the super class. Similarly, we don't have to worry about registration, removal, or notification of observers—java.util.Observable is handling all of those for us. 

Another difference is that in this class we are employing a pull style. We alert the observers that a change has happened with notifyObservers(), but the observers will need to pull the data using the field getters we have defined in this class. If you want to use the push style instead, then you can use the method notifyObservers(Object arg) and pass the changed data to the observers in the object argument. 

The setChanged() method of the super class sets a flag to true, indicating that the data has changed. Then you can call the notifyObservers() method. Be aware that if you don't call setChanged() before calling notifyObsevers(), the observers won't be notified. You can check the value of this flag by using the method hasChanged() and clear it back to false with clearChanged(). Now that we have our observable class created, let's see how to set up an observer also.  

2. Create the Observer

Our UserDataRepository observable class needs a corresponding Observer to be useful, so let's refactor our UserProfileActivity to implement the java.util.Observer interface. 

In the onCreate() method, we add this class as an observer to the UserDataRepository observable by using the addObserver() method in the java.util.Observable super class.  

In the update() method which the observer must implement, we check if the Observable we receive as a parameter is an instance of our UserDataRepository (note that an observer can subscribe to different observables), and then we cast it to that instance and retrieve the values we want using the field getters. Then we use those values to update the view widgets. 

When the activity is destroyed, we don't need to get any updates from the observable, so we'll just remove the activity from the observer list by calling the method deleteObserver()

Libraries to Implement an Observer Pattern

If you don't want to build your own Observer pattern implementation from scratch or use the Java Observer API, you can use some free and open-source libraries that are available for Android such as Greenrobot's EventBus. To learn more about it, check out my tutorial here on Envato Tuts+.

  • Android
    Communication Within an Android App With EventBus
    Chike Mgbemena

Or, you might like RxAndroid and RxJava. Learn more about them here:

  • Android
    Getting Started With ReactiveX on Android
    Ashraff Hathibelagal

Conclusion

In this tutorial, you learned about the Observer pattern in Java: what is it, the benefits of using it, how to implement your own, using the Java Observer API, and also some third-party libraries for implementing this pattern. 

In the meantime, check out some of our other courses and tutorials on the Java language and Android app development!

  • Android SDK
    RxJava 2 for Android Apps: RxBinding and RxLifecycle
    Jessica Thornsby
  • Android SDK
    Practical Concurrency on Android With HaMeR
    Tin Megali
  • Android
    Ensure High-Quality Android Code With Static Analysis Tools
    Chike Mgbemena
  • Android SDK
    Create an Intelligent App With Google Cloud Speech and Natural Language APIs
    Ashraff Hathibelagal

12 Best Contact Form PHP Scripts

Learn the Basics of PHP for WordPress in Our New Course

Adobe Alternatives: Photo Editing Applications

How to Draw a Wolf Step by Step

Create an Illustrative Logo From a Photograph

3 Trendy Ways to Create Artistic Photo Effects With Photoshop Actions

Friday, June 16, 2017

5 Colourful Resources to Create Rainbow Photo Effects in Adobe Photoshop

International Artist Feature: Norway

How to Convert PowerPoint to Google Slides Presentations on Import

New Course on Propeller: Combining Bootstrap With Material Design

How to Handle Exceptions in Python

How to Handle Exceptions in Python

It is very common to encounter errors during the execution of a program. Two common kinds of errors that you may have to deal with are syntax errors and exceptions. Syntax errors occur when you type the code incorrectly. In such cases, the erroneous line is repeated by the parser with an arrow pointing to the earliest location where the error was detected.

Exceptions are different from syntax errors. They occur during the execution of a program when something unexpected happens. For example, let's say you are asking the user to input a number in order to perform a division. Now, if the user enters a string instead of a number and you try to divide a number by the given input, the program will output a TypeError

When you are not properly handling exceptions, the program will abruptly quit as it won't know what to do in such cases. The following code is such an example:

As long as you are entering an integral input value, the program will work correctly. However, as soon as you enter a string or even a decimal number as input, you will get a ValueError exception.

In this tutorial, you will learn how to properly handle and raise exceptions in Python.

Some Common Exceptions

Here are some basic exceptions that you might encounter when writing programs. You can read about many more built-in exceptions on the official website.

  • NameError: This exception is raised when the program cannot find a local or global name. The name that could not be found is included in the error message.
  • TypeError: This exception is raised when a function is passed an object of the inappropriate type as its argument. More details about the wrong type are provided in the error message.
  • ValueError: This exception occurs when a function argument has the right type but an inappropriate value. 
  • NotImplementedError: This exception is raised when an object is supposed to support an operation but it has not been implemented yet. You should not use this error when the given function is not meant to support the type of input argument. In those situations, raising a TypeError exception is more appropriate.
  • ZeroDivisionError: This exception is raised when you provide the second argument for a division or modulo operation as zero.
  • FileNotFoundError: This exception is raised when the file or directory that the program requested does not exist.

Just like the names above, most exceptions have self-explanatory names.

Handling an Exception

The code at the beginning of the article asked users to enter an integer as input. If the user did not provide an integer input, the program stopped execution and raised a value error exception. In this section, we will write some code to tell the user that their input is not a valid integer value.

The first step of the process is to include the code that you think might raise an exception inside the try clause. The next step is to use the except keyword to handle the exception that occurred in the above code. The modified code for the user input will look like this:

What happens here is that the program tries to execute the code inside the try clause. If no exception was raised, the program skips the except clause and the rest of the code executes normally. If an exception is raised, the program skips the remaining code inside the try clause and the type of the exception is matched with the name of the exception after the except keyword. In case of a match, the code inside the except clause is executed first, and then the rest of the code after the try clause is executed normally.

When you enter an integer as an input, the program gives you the final result of the division. When a non-integral value is provided, the program prints a message asking you to try and enter an integer again. Note that this time, the program does not abruptly quit when you provide some invalid input.

You can have multiple except clauses to handle different exceptions. Please keep in mind that these handlers will only deal with exceptions that occurred in the corresponding try clause. They will not handle any exceptions raised within other exception handlers.

You can also handle multiple exceptions using a single except clause by passing these exceptions to the clause as a tuple.

Finally, you can also leave out the name of the exception after the except keyword. This is generally not recommended as the code will now be catching all the exceptions and handling them in the same way. This is not optimal as you will be handling a TypeError exception the same way as you would have handled a ZeroDivisionError exception. When handling exceptions, it is better to be as specific as possible and only catch what you can handle.

One possible use of catching all exceptions is to properly print out the exception error on screen like the following code:

Using the Else Clause

You can also use an else clause in a try ... except statement. The else clause is meant to contain code that needs to be executed if the try clause did not raise any exceptions. This can be useful to make sure that you don't add any code to the try block whose exceptions you don't intend to catch. One thing worth mentioning is that if you decide to use an else clause, you should include it after all the except clauses but before the finally block.

In our case, we could move the line that prints the result of our division inside the else block.

Cleaning Up Using the Finally Clause

Let's say you have written some code inside the try block that is supposed to perform a task by utilizing a large amount of resources. It is important to release those resources back when you are done using them. This can be easily achieved by using the finally clause. 

The code inside the finally clause is always executed irrespective of whether the try block raised an exception. You can verify this by running the following code:

If any of the except clauses that you specified do not handle the raised exception, the same exception is raised again after the execution of code inside the finally block.

A More Complex Example

In this section, we will write a program to deal with multiple exceptions. Just like the previous examples, we will be performing some mathematical operations. However, this time we will take the input from a list.

The following code checks for two exceptions, TypeError and ValueError. The else block is used to print the factorial. You can see in the output that this code is executed only when no exception is raised.

The above code produces the following output:

Another thing worth noticing is that the code inside the finally clause is executed for each item in the list.

Final Thoughts

I hope this tutorial helped you understand exception handling in Python. Additionally, don’t hesitate to see what we have available for sale and for study in the marketplace, and don't hesitate to ask any questions and provide your valuable feedback using the feed below.

Properly handling exceptions can be very helpful in situations where exiting a program after it receives an unexpected input is not viable. If you have any questions related to exception handling in Python, please let me know in the comments.