The Dev World - by Sergio Lema
The Dev World - by Sergio Lema
Hi, I'm Sergio Lema.
I'm Software Engineer / Software Architect. But you probably already know that. 👇
Let me introduce myself:
* I've been working with Java Web for over 15 years.
* I've worked on many industries like e-commerce, the automotive sector, finance and more.
* I've been working on microservices application, deployed on AWS and sometimes with images processing.
Up until now, that's just the usual journey of a Senior Engineer.
But this is also my passion. 🚀
* I've created a KZread channel;
* I maintain a blog;
* I write LinkedIn posts twice a week.
Follow me to read about:
* Software Architecture
* Java and Spring Boot
* DevOps and Cloud
My mission? Helping you, your team, and your company:
* Build bigger/better web apps;
* Apply best practices/security concerns;
* Use DevOps practices to automate everything.
Need a hand?
- Coaching sessions for you or your company?
- Spring Boot Academy subscription?
- Working together on a project?
Let's do it! 🤝
Пікірлер
I have watched your videoson springboot oauth2 series, they are very good! I take this chance to bring a request on springboot keycloak oauth2 authentication. Could you please make video to demo BFF pattern ( Backend for FrontEnd). BFF is thought more secure than PKCE flow?
Thanks for your comment. I add your suggestion to my todo list. I'll try to find a spot to do it
Hi jawman, I am preferring thymeleaf for my personal project over fromtend frameworks, because those frameworks are extra pain.
Could you please make video to demo BFF pattern ( Backend for FrontEnd). BFF is thought more secure than PKCE flow. Reply
Could you please make video to demo BFF pattern ( Backend for FrontEnd). BFF is thought more secure than PKCE flow.
Thank you very much. I did a lot of config but they didn't work. This worked but I had to add this corsConfiguration.setAllowedHeaders(List.of("*")); (I am working with JWT token)
how to deploy service A and service B and make REST communication between them
You have to configure the Security groups: which one has access to internet; which one can request the other.
Hello, great video! Using gateway as oauth client, how to authenticate and consume the api using Postman or insomnia? Thanks!
Thanks. It's not easy. What I do is: * log in the application using the Website * go the localstorage * copy the token * use it in Postman
How much do you sleep per 24h? Your eyes are so white, mine are so red! Also, can you do the same tutorial but with Graphql instead of REST? Thanks for the very informative tutorial.
😅 At least 6 hours. Graphql is a topic I have in my todo list, but I never found the time to investigate it
can we deploy it with free tier?
Yes, I think it's included into the free tier. Still, it's 0.02$ per Gb, I don't think a React application will cost this.
Sorry I'm dumb. When you say "and go to a terminal" (to connect to the instance). Do you mean just the command line on my local machine? Or are you talking about something in AWS? Doesn't AWS provide like 3 different ways within the console to connect to the instance? What do you mean when you say "and go to a terminal"?
tried it from the command line.... permission denied....
Go to your local machine terminal. But you need to configure it before. Check here how to do it: docs.aws.amazon.com/cli/v1/userguide/cli-chap-configure.html
@@TheDevWorldbySergioLema So I have made a lot of progress. Got a JAR file of my app onto the Linux Ec2. But when I run it, it doesn't pick up the properties from my properties file so I can't make the MYSQL DB connection. It keeps acting like it's trying to connect with root@... , But I have a ${DBUSERNAME} variable (and PW and URL) in my props file and I CANNOT get the app to pick those values up and connect with that. ANY ideas bro?
Thanks alot !
Thanks to you for watching.
How did you learn it, it's a black box, everyone uses it but no one knows about it. I'm a self learner and I don't have a company behind me, I'm unemployed, and I want to bring a product to the market, but I have to get my users securely registered or the procedure, and I'm scared because that can fall on my feet. My stack: -Angular, -Spring boot, wants the Angula app to authenticate then the user registers or logs in
It takes a lot of years to learn. Keep working on it! I'm also a self learner
Thank you so much, man, i am currently looking your second video and again it made so much clear for me. AWS was a misterum for me. So many features and things you can do there but you bring it to the point. Exactly the information you need for starting with AWS. Of course this YT channel is in my abos since now!
Thank you 😅 you made my day
Thank you so much! This made so many things clear to me. I worked with several old ways to manage my projects. From hosting my own servers (about 20 years ago) to some docker managed instances and so on. AWS was a misterium for me. So many things you can do there but you brought it to the point for me. EC2 is only a virtual machine :) And the networking is also only networking VPC (virtual private cnetwork ;))
I'm so glad you understand it better now!
@@TheDevWorldbySergioLema I am looking the next video (4 Easy Steps to Deploy ...) and I left a similar comment there. Really, it's a kind of AHAAA moment for me. thank´s again!
Thanks again!
If I deploy telegram bot using spring boot, the process is the same?
I've never tried something like this. I don't know
excellent content!! I'm ont from a anglophone country but i understand without problemes
Thank you!
Hi Sergio, thank you very much. I have a question please: what role does the userDto play in the autherization process since you registered no user ? In fact in my case I want to authenticate with Google my previously registered users Who have name, email, sellerType, address properties in a springboot registration standalone microservice. How can I handle this ? Thank you very much in advance.
This DTO is the user's information that come from Google. You can read some information like the name, email or phone number if the user accepts to share it.
@@TheDevWorldbySergioLema ok, so it means that the authentication process with Google has nothing to do with the way my users are registered in my backend registration service. If so, then how does Google Knows that the user with given email is authorized to access my app ?
The way I show in this video, I allow all the users of the world with a Google account to log in the application. If you want to restrict the access, there are several ways: * in the Google client application, configure the emails/users which have access * in your application, have a table which lists all the users which have access to your application. Add another filter in Spring Security which checks if the user authenticated with Google is also present in your table.
Ok, il makes sens to me now. Thank you !
shitty explanations
This is very good to understand Alembic. Btw note to all, video is for understanding how it works, in real world we shouldn't manually edit content in version files (it should be auto generated it for you.) What you want to edit is model files that has table schema detail.
You're right. The content files shouldn't be edited. It will cause Alembic checksum errors
saved my day, thank you!!!
You're welcome
Thanks!
Thanks to you!
@@TheDevWorldbySergioLema De rien, mon ami.
This video is comprehensive and well presented. However, there are some serious problems with this instruction if you're following the video and making sure you completely understand each step. If you're simply downloading the repo and going with that, it may work fine. The repo needs to have snapshots of the code as tested; e.g., at 35:13. I find all of the praises a bit biased.
Thank you. What I'm trying is to explain the concepts and give a repository with the same code. I can't give you a repository prepared for everything with all the data (everyone will need a different use case)
If i will put all these codes into wordpress will it still work? I struggle to find a tutorial that could explain whole coding system behind it and i just want to secure my website
Using this workflow to protect your website is good. But there are other complements (like authentication, or even HTTPS). I'm not sure to understand what you want to do with Wordpress.
I don’t understand why the csrf was disabled in the SecurityConfig? Our security team has pointed out that it should not be disabled in Security Config
It's another layer of complexity. It shouldn't be, but to speed up the development time, people disable it.
that's brilliant, please keep it up sir! I'm just wondering how one's supposed to learn all of that without guys like you?? It appears to me that there are not that many resources that go in-depth on spring security
Thank you so much for those kind words! In my case, I've learned from guys "like me" but while working. I had the chance to work with great people, great managers and great teachers. Now It's my turn to teach
II had a problem with "CORS" with WebConfig.a java file. The solution was to change the FilterRegistrationBean CorsFilter() method to @Bean public CorsFilter CorsFilter(){
Can you make a video with OAuth2 and Session token pls?
Does this video answer your questions: kzread.info/dash/bejne/q6Rmmsluca3JqrA.html
angular httpclientmodule deprecated 😭😭😢😢😢😢
Oh yes? Those things get deprecated very quickly
Excellent simple and very useful, thank you Sergio
Thanks to you for watching!
Does this also work when using Facebook for registration instead of Google?
Yes, it's the same workflow.
👍👍👍
Thanks Aziz!
Thanks, I really like this kind of videos talking about Data Structures and Algorithms. But I'm still curious about a thing, I saw at the end that there's more "performant" solution when the rank is displayed on the results histogram, I'm wondering what did they use ?
Yes, I saw it too. I really don't know. Maybe it's a matter of chance, language used or paying subscription 😅.
@@TheDevWorldbySergioLema I think it's assembly may be
Very helpful video! I couldn't run the Lambda function for a long time. I followed the recommendations from the video, and everything started working.
I'm so happy it helped you!