投稿時間:2023-04-25 00:36:21 RSSフィード2023-04-25 00:00 分まとめ(37件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
TECH	Techable（テッカブル）	昆虫テーマのデジタルコンテンツを見学できる！メタバース空間「テクプラメタバースパーク」	https://techable.jp/archives/204243	nttqonoq	2023-04-24 14:00:46
AWS	AWS Government, Education, and Nonprofits Blog	New research for public sector CIOs as they prepare for digital assets	https://aws.amazon.com/blogs/publicsector/new-research-public-sector-cios-digital-assets/	New research for public sector CIOs as they prepare for digital assetsPublic sector regulatory agencies are at an inflection point as digital assets have emerged in the private sector in the form of cryptocurrencies stablecoins non fungible tokens NFTs and central bank digital currencies CBDCs To inform this process AWS has collaborated with industry analyst firm Constellation Research to write a new research report available to the public The CIO Imperative for Digital Assets in the Public Sector presents an exploration of the requisite topics to get CIOs and their teams up to speed and ready for this journey	2023-04-24 14:41:17
AWS	AWS Japan Blog	AWS MGNを用いた大規模なリホスト移行におけるEC2起動テンプレートの管理	https://aws.amazon.com/jp/blogs/news/manage-ec2-launch-templates-at-scale-during-rehost-migrations-with-aws-mgn/	application	2023-04-24 14:42:15
AWS	AWS Japan Blog	AWS Summit Tokyo 製造業向け展示速報	https://aws.amazon.com/jp/blogs/news/aws-summit-tokyo-exhibition-bulletin-for-the-manufacturing-industry/	awssummittokyo	2023-04-24 14:19:19
python	Pythonタグが付けられた新着投稿 - Qiita	#2 データ収集(ハンドジェスチャーでドローンを操作する)	https://qiita.com/Tsu9m0-O/items/92068e916deae3ee842c	anaconda	2023-04-24 23:58:36
python	Pythonタグが付けられた新着投稿 - Qiita	【ガチめにメモ】今年の個人目標は会社付近のランチに特化した社員向けの口コミサイトを作りたい	https://qiita.com/Official_urara/items/c422ee3d007040e10e6e	投稿サイト	2023-04-24 23:40:43
python	Pythonタグが付けられた新着投稿 - Qiita	例外となかよく	https://qiita.com/yulily/items/0844e1a928a95df32a26	種類	2023-04-24 23:24:10
Ruby	Rubyタグが付けられた新着投稿 - Qiita	Ruby初心者：オブジェクト、シンボルについて	https://qiita.com/Shota_Swallows/items/063aa8d96dca863825c3	初心者	2023-04-24 23:08:54
Linux	Ubuntuタグが付けられた新着投稿 - Qiita	Ubuntu VM のセキュアブートの有効化	https://qiita.com/shigeyf/items/2c1a062fa0708a67cc47	hyperv	2023-04-24 23:29:20
Linux	Ubuntuタグが付けられた新着投稿 - Qiita	Ubuntu Linux 起動ディスクを BIOS ブートから EFI ブートへ変換	https://qiita.com/shigeyf/items/ef84fb811491ca359c85	hyperv	2023-04-24 23:28:58
Linux	Ubuntuタグが付けられた新着投稿 - Qiita	仮想ディスクの変換 (VMDK 形式から VHD/VHDX 形式への変換)	https://qiita.com/shigeyf/items/e6772b90ae0d93f7cb37	hyperv	2023-04-24 23:28:24
Linux	Ubuntuタグが付けられた新着投稿 - Qiita	Ubuntu VM の移行 (VMware から Hyper-V へ)	https://qiita.com/shigeyf/items/e2a484f2b07cf0a0eee8	hyperv	2023-04-24 23:27:32
Docker	dockerタグが付けられた新着投稿 - Qiita	M1 Macユーザー必見！Docker利用時の注意点まとめ	https://qiita.com/kk_env/items/43e5ea9a946613be2470	docker	2023-04-24 23:01:54
golang	Goタグが付けられた新着投稿 - Qiita	Go言語でgzipファイルを解凍したい	https://qiita.com/neko_the_shadow/items/899a4f5a9642c1154176	srcpa	2023-04-24 23:44:15
Git	Gitタグが付けられた新着投稿 - Qiita	【Git】コミットメッセージのテンプレートを設定する方法	https://qiita.com/P-man_Brown/items/486bed4d250c52a542da	touch	2023-04-24 23:02:43
技術ブログ	Developers.IO	[섹션 리포트] Everything fails, all the time : 분산 시스템에서의 내장애성이 있는 설계에 대해	https://dev.classmethod.jp/articles/aws-summit-tokyo-2023-aws27/	섹션리포트 Everything fails all the time 분산시스템에서의내장애성이있는설계에대해안녕하세요 CX사업본부Delivery부정현재입니다 도쿄에서는 에AWS Summit Tokyo가개최되었습니다 AWS 이벤트는처음참가했는데 매우재밌었고유익한경험	2023-04-24 14:45:40
海外TECH	DEV Community	Hide text in CSS pseudo elements from screen readers with this one weird trick	https://dev.to/whitep4nth3r/hide-text-in-css-pseudo-elements-from-screen-readers-with-this-one-weird-trick-11eg	Hide text in CSS pseudo elements from screen readers with this one weird trickTL DR Add empty alternative text to the pseudo element content to prevent screen readers announcing your decorative design elements like so someClass before content M I m currently redesigning my website and part of the design includes decorative elements provided by a font specified as single letters in the content of CSS pseudo elements Psst If you don t know what a CSS pseudo element is read this post first What s the difference between and in CSS Salma Alam Naylor・Sep ・ min read css webdev beginners Here s some code that adds a large stylised paint brush glyph as a pseudo element attached to the HTML element of the page main before font family Atomic Marker Extras content M position fixed z index When using VoiceOver for MacOS to read the page using that code the letter M is announced Not ideal You can also confirm what will be announced using the Accessibility Tree view enabled via an experimental flag in Chromium browsers which gives you a visual display of all elements and their content that accessibility tools will have access to Fortunately the CSS content property comes with the ability to specify alternative text which is especially useful if you re using images in your pseudo elements that actually mean something And what s more if you want to tell the browser that the content is purely decorative and doesn t need to be seen by assistive technology you can provide an empty value for the alternative text like so main before font family Atomic Marker Extras content M position fixed z index And that s it One handy lesser known feature of CSS to help you make your weird and wonderful website designs more enjoyable to browse for everyone everywhere	2023-04-24 14:53:36
海外TECH	DEV Community	What is Passwordless Authentication?	https://dev.to/prove/what-is-passwordless-authentication-6ed	What is Passwordless Authentication Welcome back to the Identity Trends blog series The first post provided a comprehensive guide to leading identity trendsーcheck it out here if you missed it The next three posts will dive deeper into each of the major trends and explore how Prove solutions can help you stay ahead of the game Today we ll be focusing on Trend Passwordless Authentication What is Passwordless Authentication As its name suggests passwordless authentication uses factors other than traditional passwords such as biometric data fingerprints facial recognition or iris scans hardware tokens and other forms of digital identification to verify the identity of a user There are many different benefits to going passwordless from both a security and user experience perspective What are the benefits of going passwordless Did you know that roughly ⅓of online purchases are abandoned at checkout because consumers cannot remember their username and password Considering that the average consumer has around passwords and usernames to remember the rate of cart abandonment is not surprising In addition because consumers have too many passwords to remember they often use the same password across different accounts creating a dangerous domino effect in which a data breach at one company can result in dozens of accounts being compromised per user As a result many companies are phasing out passwords and replacing passwords with more secure options to improve user experience bolster security and boost their bottom line That s where Prove Auth comes in With the increasing prevalence of cybercrime it s more important than ever to protect ourselves from hackers and identity thieves Fortunately there s a technology that is changing the game when it comes to online security Prove Auth Prove AuthOne of the major benefits of Prove Auth is that it is incredibly user friendly Instead of requiring users to remember complex passwords and constantly reset them Prove Auth works seamlessly in the background verifying their identity without any extra steps or hassle Plus because it is based on real time data analysis Prove Auth can detect and respond to potential security threats in seconds ensuring the user s information stays safe and secure But what about privacy concerns With so much personal information being shared online it s understandable to worry about how that data is used Prove Auth is designed with privacy in mind using secure encryption protocols to protect your information and keep the user s data anonymous and confidential And because it works in real time Prove Auth doesn t store sensitive data on your device or in the cloud minimizing the risk of a data breach Keep reading for details on our Prove Auth Flow as we dive deeper into how to integrate Prove Auth Prove Auth is an umbrella service representing various forms of authentication The product currently consists of Device Auth and Mobile Auth Device AuthDevice Auth is a form of passive authentication where the enterprise can verify the possession of the phone in real time without any interaction from the user Mobile Auth is also a form of passive authentication where the possession of the phone happens in real time with coordination from the MNOs mobile network operators Prove Auth provides flexibility by allowing control of which authentication forms to execute for any given use case Mobile AuthMobile Auth is based on a call flow the first and last calls are handled in a server to server environment while the intermediate step occurs on the phone being queried Our Server Integration Guide outlines how to implement the two API calls of authenticateByRedirect and authenticateByRedirectFinish in an API only flow Our Native App SDK Integration Guide and Web SDK Integration Guide cover integrations on the device through one of Prove s SDKsーwhether through an app or mobile web browserーproviding a quick and easy way to retrieve the data needed even if your user is on Wi Fi This is important for the Device Auth call Mobile Auth FlowThe first step is orchestrating a server to server call to the authenticateByRedirect endpoint which requires the device IP of the cellular connection The second step is a middle call that the Prove SDK handles this happens over a cellular connection and attempts to reach the authentication URL redirect URL The third step takes the response from the second step which is then passed to the client s backend making a server to server call to authenticateByRedirectFinish It s important to note that the customer s app must complete steps one and three and is not done by the SDK The SDK orchestrates when steps one and three are to be executed The mobile SDK provides a quick and easy way to retrieve the data needed to make those server side calls In addition since the middle call must happen over the cellular network the SDK helps by retrieving the cellular IP address of the device and potentially performing a Wi Fi override for the middle call First Call authenticateByRedirectThe first server to server call the authenticateByRedirect endpoint requires the mobile device s cellular IP from the mobile data session entered in the “deviceIp field plus the URL for your server needed for the mobile device to send the verification fingerprint VFP i e a one time time bound authentication for unique identification via the “finalTargetUrl field The “RedirectTargetUrl generated in the response is a one time time bound authentication URL with the first VFP specifically for this mobile device and request The VFP value is a one time use key that ensures that man in the middle attacks are impossible Middle Step Device AuthNext the mobile device must execute an HTTP GET directly to the “RedirectTargetUrl returned from the authenticateByRedirect call the device makes the request directly to Prove and is authenticated The network enriches the request with subscriber identifying information typically encrypted into a new one time use time bound SIM signed VFP token that is shared back to the device The new VFP returns in the HTTP or responses even in the case of an error The response in the web browser implementation returns the device to the FinalTargetUrl specified in the first call which then starts the final call of the flow See our Native App SDK Integration Guide and Web SDK Integration Guides for details on integrating Device Auth Final Call authenticateByRedirectFinishThe final API call the authenticateByRedirectFinish endpoint obtains the results of authentication from the second call passing the “verificationFingerprint VFP value returned by the mobile device If successful the “MobileNumber associated with this particular consumer is returned to your server in this step indicating Mobile Auth has been completed Overall Prove Auth is an excellent choice for passwordless authentication It s perfect for businesses and organizations prioritizing security and protecting their sensitive information from unauthorized access In addition its use of MFA and fraud detection algorithms and ease of use make it a reliable and effective authentication solution Using Prove Auth businesses can ensure that their online accounts and services are secure and their customers data is protected	2023-04-24 14:47:07
海外TECH	DEV Community	7 Web Security Mistakes to Avoid (As a Developer)	https://dev.to/devland/7-web-security-mistakes-to-avoid-as-a-developer-6da	Web Security Mistakes to Avoid As a Developer As a web developer it s crucial to prioritize the security of your applications In today s digital world cyber threats are constantly evolving and hackers are always on the lookout for vulnerabilities to exploit Unfortunately even small security mistakes can have catastrophic consequences including data breaches financial losses and damage to your reputation In this article we ll discuss the top seven security mistakes that web developers should avoid to keep their applications and users safe Confusing authentication and authorizationWhen building web applications one of the most important aspects of security to keep in mind is the clear distinction between authentication and authorization These two concepts while related serve different purposes and it s essential to understand their differences to ensure the security of your applications Authentication is the process of verifying the identity of users while authorization involves granting or denying access to specific resources or functionalities based on the user s permissions or roles Confusing these two can lead to serious security vulnerabilities such as unauthorized access and data breaches To avoid this mistake always first implement robust authentication mechanisms to verify user identities and then use proper authorization techniques to control access based on permissions or roles Storing sensitive data in local storageDevelopers sometimes make the mistake of storing sensitive data like passwords credit card information and JWT Tokens in a browser s local storage This can be dangerous because it makes the data more vulnerable to attacks from hackers One of the main problems is that malicious code can be injected into a website allowing attackers to access and manipulate data stored in local storage This can lead to unauthorized access to sensitive data To avoid this risk it s important to store sensitive data on the server side using secure methods like encryption and access controls Only store essential information on the client side and sanitize and validate it properly to prevent attacks Additionally make sure to clear or remove any stored data once it s no longer needed to prevent unauthorized access or exploitation Using outdated libraries and frameworksLibraries and frameworks are essential tools used in web development to streamline the development process and add functionality to applications However using outdated versions of these libraries or frameworks can pose significant security risks Outdated libraries and frameworks may contain known security vulnerabilities that have been patched in newer versions These vulnerabilities can be exploited by malicious users to gain unauthorized access to your web app or compromise its security For example an outdated dependency could contain a vulnerability that allows for remote code execution allowing an attacker to execute malicious code on the server or gain unauthorized access to the underlying system To mitigate this risk it is important to regularly update all libraries and frameworks used in a web application to their latest stable versions This includes not only the main frameworks or libraries but also any dependencies or plugins used Additionally you should stay informed about the lifecycle of the libraries and frameworks they use Some libraries may no longer be actively maintained which means that security vulnerabilities may not be patched promptly or at all In such cases consider alternative libraries or frameworks that are actively maintained and have a strong track record of timely security updates Relying solely on client side securityClient side security measures such as input validation and authentication mechanisms implemented in the user s browser may not be sufficient to protect against attacks They can be easily bypassed or manipulated by attackers with knowledge of web development and browser tools Therefore it s important to implement robust server side security measures in addition to client side security to effectively protect your web applications against potential vulnerabilities and attacks Putting env File in a Web Server DirectoryPutting an environment file env in a web server directory can be a big security mistake An env file contains sensitive information like API keys and database credentials that shouldn t be accessible by unauthorized users If the env file is in a web server directory it can be easily accessed by anyone with the URL For instance you may find the database password of a real website just by searching in Google because the env file was left in the public folder of that website Therefore it is crucial to store the env file outside the web server directory or in a location that is not publicly accessible It s also essential to limit access to the env file Even your teammates should not have access to it unless they need it for specific reasons Remember not everyone needs to know the database password or API keys used in your web application Trusting Third Party CodeTrusting third party code is another common security mistake that web developers should be cautious about Many websites and web applications rely on third party libraries plugins frameworks and other code snippets to add functionality or streamline development However blindly trusting and integrating third party code without thorough evaluation and validation can introduce potential security risks Here are some considerations to keep in mind when dealing with third party code Source and Reputation Always verify the source and reputation of the third party code you are planning to use Stick to reputable sources such as official repositories or well known libraries with a large user base and active community support Avoid using code from unknown or untrusted sources as it may contain malicious code or vulnerabilities Minimal Integration Only include necessary third party code and review it for potential security risksSecurity Configurations Configure third party code with security best practices in mind such as secure authentication and least privilege principles Regular Audits Perform regular audits of third party code and monitor for security updates Not testing for security vulnerabilitiesSkipping security testing can leave vulnerabilities undetected in your web application Perform regular security assessments penetration testing and vulnerability scanning to identify and remediate any security weaknesses SummaryDeveloping a web application requires more than just knowledge of code it also involves an understanding of potential security risks As developers we all strive to write code that is secure and robust but unfortunately the common errors mentioned in this article can occur when we re not paying close attention By being aware of these top security mistakes you can take proactive steps to prevent them and create more secure web applications THANK YOU FOR READING I hope you found this little article helpful Please share it with your friends and colleagues Sharing is caring Connect with me on Twitter or LinkedIn to read more about JavaScript React Node js and more… Want to work together Contact me on Upwork	2023-04-24 14:31:32
海外TECH	DEV Community	npm v/s yarn v/s pnpm	https://dev.to/raxraj/npm-vs-yarn-vs-pnpm-fo8	npm v s yarn v s pnpmReady to talk package managers You know those tools that make your life as a developer so much easier or sometimes more frustrating Well we re here to compare the three big players npm Yarn and pnpm It s kind of like choosing your favourite type of pizza they re all great in their own way but which one is the best Well that s exactly what we re going to do in this blog Buckle up and grab your favourite snack pizza or nachos anyone because we re about to dive into the details of each one Get ready for some fun and maybe even a few surprises along the way SpeedI decided to put the installation speed of npm Yarn and pnpm to the test I installed Express Passport and dotenv using each package manager and waited impatiently for the installations to finish I was so impressed by how fast they were that I started to suspect they might have secretly installed themselves while I wasn t looking But in all seriousness the results were quite interesting Keep reading to find out which package manager reigns supreme when it comes to installation speed NpmYarnPnpm With its handy lockfile feature Yarn speeds up installation time significantly Sure npm has been making improvements to its installation speed lately but it still can t keep up with the lightning fast Yarn And while pnpm is also faster than npm it s not quite as speedy as Yarn Now I know what you re thinking it s just a small difference in speed right But trust me when you re dealing with a massive number of dependencies Yarn s speed will blow your mind Dependency ResolutionAlright time for a quick lesson in dependency resolution Yarn our speedy friend from before uses a deterministic algorithm that ensures the same set of dependencies are installed on all machines It s like a reliable GPS that never leads you astray On the other hand npm s flat dependency structure can sometimes lead to conflicts It s like a bad GPS that takes you through the wrong route and leaves you stranded And then there s pnpm our adventurous buddy that likes to live life on the edge It installs dependencies by sharing packages between projects which can be faster but can also cause conflicts It s like a GPS that takes you on a scenic route but occasionally leaves you lost in the wilderness I would want to give you a good old long example here but then that will make this blog lengthy amp amp boring But Hey I have a much simpler explanation Let s take an example package PackageX let s call it the POWER PUFF PACKAGE If you have version of this package installed and your package json file specifies a range of x x then if you reinstall it using npm it will keep the same version no upgrade to which is the latest version However if you use Yarn it will always install the latest matching version even if you delete the lockfile This makes Yarn more consistent in its behaviour ensuring that you get the latest version of the package every time Offline Mod OG Yarn and pnpm are two package managers that come with a feature that many developers find handy offline mode With Yarn or pnpm you can install packages even if you don t have an internet connection as long as you have already downloaded the necessary files This feature can be especially useful if you are working on a project while traveling or in an area with spotty internet connection However if you are using npm you won t have the luxury of an offline mode That means you ll need a stable internet connection in order to install packages which can be a bit of a bummer for those who are often on the go SecurityYarn s security features are nothing to be knitted about With its use of checksums to ensure package integrity and a built in command to audit packages for vulnerabilities Yarn is a real yarn spinner when it comes to security Meanwhile npm and pnpm s security features are similar but not as tightly knit as Yarn s Yarn s checksum feature ensures that the installed package matches the package distributed on the registry This prevents malicious actors from tampering with the package during transit To verify a package s checksum you can run the following command in Yarn yarn check integrityIn addition to checksums Yarn also has a command for auditing packages for security vulnerabilities This command checks for known security vulnerabilities in all installed packages and their dependencies It also suggests steps for resolving any vulnerabilities found npm also has a similar npm audit command but it s not as advanced as Yarn s audit feature pnpm on the other hand relies on npm s security features and doesn t have any additional security measures like checksums Custom RegistriesListen if you re anything like me you don t want to be stuck with just the default registries Thankfully all three package managers offer some level of support for custom registries But let s be real Yarn has the VIP treatment when it comes to private registries And with its selective version resolution feature you can cherry pick the best dependencies from your favorite registry while still keeping things cozy with the default one Sorry npm and pnpm but Yarn s got the hookup ConclusionNow I know what you re thinking Oh great here comes the biased opinion But hey it is what it is After analyzing all the features and functionality of Yarn npm and pnpm I gotta say Yarn takes the cake baby It s faster than a cheetah on caffeine has security features that could make a CIA agent jealous and can handle custom registries like a boss Don t get me wrong npm and pnpm are cool and all but they re just not on the same level as Yarn So if you want to be the coolest kid on the block or in the dev world use Yarn for all your JavaScript projects Trust me your code will thank you	2023-04-24 14:27:30
海外TECH	DEV Community	Authentication Service with Spring Boot and React client — Part 2	https://dev.to/danial2026/authentication-service-with-spring-boot-and-react-client-part-2-1dnk	Authentication Service with Spring Boot and React client ーPart part Authentication Service with Spring Boot and React client IntroductionIn the Part we implemented an authentication service using Spring Boot on the backend and ReactJS on the frontend And in this part we will add a redirect page which enables the authentication of users in other clients by utilizing the JWT token saved within the auth client Implementing the Redirect page in Auth ServiceCreate a new file called redirect js in the auth directory and add the following code import React useEffect useState from react function RedirectPage match useEffect gt Get the query parameters const urlParams new URLSearchParams window location search const redirectParam urlParams get redirect Get user s accessToken const accessToken localStorage getItem accessToken if accessToken amp amp redirectParam Redirect to the link with token as param const redirectLink redirectParam token accessToken window location href redirectLink else Redirect to main page if user is not logged in window location href return lt div gt lt div gt export default RedirectPage By utilizing the useEffect hook we can ensure that the redirection logic is executed as soon as the redirect page is loaded First get the redirect URL from the query parameters using URLSearchParams If no URL is provided user is redirected to the login page Next retrieve the user s token from local storage Then check if the user is logged in and the redirect parameter is available If both conditions are true the user is redirected to the URL along with the JWT token included as a query parameter Using the Redirect Page in Another ServiceTo use the redirect page in another service we need a link to the redirect page in our service and a login page that accepts the access token as a query param For example in our chat service at we use this component for login lt a href chat danials space gt Login lt a gt And for login page create a new file called login js and add the following code import React useEffect useState from react function LoginPage match useEffect gt Get the query parameters const urlParams new URLSearchParams window location search const redirectParam urlParams get token if redirectParam Save user s accessToken localStorage setItem accessToken redirectParam Redirect to main page if user is not logged in window location href else Redirect to main page if user is not logged in window location href return lt div gt lt div gt export default LoginPage After the user is redirected to this page with their token the token is automatically saved in local storage for future use ensuring a secure and seamless user experience In conclusionThe redirect page fetches the token from local storage and redirects authenticated users to the requested URL with the token as a query parameter and redirects unauthenticated users to the login page providing added security and a seamless user experience	2023-04-24 14:13:48
海外TECH	DEV Community	Authentication Service with Spring Boot and React client	https://dev.to/danial2026/authentication-service-with-spring-boot-and-react-client-22gi	Authentication Service with Spring Boot and React clientHello there Have you ever wanted to build an authentication service using Spring Boot and MongoDB If so you ve come to the right place In this post I m going to show you how to create a simple authentication service using Spring Boot and MongoDB which you can use as a starting point for your own projects IntroductionThis service allows users to register login and manage their profiles We will use JWT tokens for authentication and authorization and will store them in a Redis database Also the user s data will be stored in a MongoDB database PrerequisitesBefore we get started make sure you have Docker installed You ll also need a MongoDB and a Redis database PS You can use a free MongoDB Atlas account as your primary database To build the service we ll use the following tools Spring Boot a popular Java framework for building web applications Maven a build tool used for testing and running the backend MongoDB a NoSQL database for storing user data Redis an in memory database for storing JWT tokens Docker a platform for running applications in containers Building the Spring Boot ModuleFirst we ll build the backend service Create a new Spring Boot project using the Spring Initializr Add the following dependencies to your project Spring WebSpring Data MongoDBSpring Securityjjwt a library for working with JWTs in Java Next Create a new MongoDB database and collection to store user data In your Spring Boot application create a new class User with the following fields id a unique identifier for the user fullName the user s full name username the user s username password the user s password stored as a hashed value phoneNumber the user s phone number birthday the user s date of birth bio a short bio about the user Use Spring Data MongoDB to define a repository interface for the User class which you ll use to interact with the database Implement the registration endpoint Create a new REST controller class auth controller with a signup method that accepts a JSON payload containing the user s registration data Storing hashed password in the database Implement the login endpoint Create a new method signin in the auth controller class that accepts a JSON payload containing the user s login credentials Use Spring Security s AuthenticationManager to authenticate the user s credentials and if successful generate and return a new JWT token Building the React ClientNow let s move on to the frontend Create a new React app using npx create react app auth clientcd auth clientnpm startIn the src folder create a new folder called auth This folder will contain the logic for making API requests and page UIs Implement the following functions inside register sends a POST request to the registration endpoint with the user s registration data verification sends a POST request to the verification endpoint with user s username and verify code login sends a POST request to the login endpoint with the user s login credentials logout clears the JWT token from local storage Use the useState hook to create state variables page inputs Use the onChange event to update these state variables Use the useEffect hook to update the isLoggedIn state variable when the component mounts If a JWT token is stored in local storage set isLoggedIn to true Why we save JWT in local storage Because retrieving the token from local storage instead of cookies provides an added layer of security to our application which is crucial in ensuring the safety and confidentiality of user data SetupFirst to generate credentials for Spring Boot module open a terminal and navigate to the root directory of the project then run the following command bash generate passwords shThis will generate unique passwords for the MongoDB and Redis databases used by the application as well as JWT credentials PS Keep in mind that if you re using a MongoDB Atlas database you have to update the host and port accordingly Replace the KAVENEGAR YOUR API KEY placeholder in the src main resources application dev yml file with your Kavenegar API key To launch dockerized databases please run the following command in your terminal docker compose f docker compose dependency yml up d buildTo start the Spring Boot module run the following commands mvn clean installmvn spring boot runNext for the ReactJs app run the following commands npm installnpm startTo launch Spring Boot module and the React client inside of containers open a terminal and navigate to the root directory of each project then run the following command in your terminal docker compose up d build ConclusionTo sum up building an authentication service using Spring Boot is a great way to provide user authentication and management With a simple React frontend this project can be a starting point for your own authentication service Give it a try and have fun building Front end source code Back endsource code	2023-04-24 14:12:13
海外TECH	DEV Community	3 Paths to Become a Web Developer	https://dev.to/realcarlostrujillo/3-paths-to-become-a-web-developer-1j2p	Paths to Become a Web DeveloperLearning how to code is hard But if you choose the wrong path for you it could be even worse So let s take a look at what those are and what the pros and cons are so YOU can make a smart decision Path Get a DegreeTo be a web developer you don t and let me repeat you don t NEED any degree Well formal education is not bad at all but in tech a lot of stuff that you don t need is being taught on the basis of broadness instead of depth So there is value there the only caveat is that today companies value depth in knowledge more than broad knowledge In the last years the marketplace has opted for specializing and not only in the tech industry That s why a college degree where you will get just a solid base is not enough to get you a job just because Pros Looks good on the resume especially if you went to an Ivy League University MIT Harvard etc More rounded educationSolid understanding of foundational conceptsYou can expand beyond a single branch not just web developmentLive the college life if you do on site Make friends and connections with peers and teachers very valuable for future projects or job opportunities Career services are often a lot better research opportunities internships etc that other alternatives don t offer Cons Expensive veryTime commitmentLong and rigid structure that s what she said Focus on being broad not on depthWorthless classes or outdated curriculumHeavy on math which you don t really need a lot for web development I still recommend going to college if You are young and want to experience college life on site no remote BS you re young and want to have fun and be around your peers and make connections YOLO and YOYO I don t see anything wrong with that It s debt free don t get in debt for something you can learn for free especially this kind of money It s an Ivy League University these universities do make a difference in your resume so if you can get into one of those don t overthink the workplace treats those with more respect and you will definitely get an interview just by listing it on your resume Otherwise I ll go a different route just because of the time caveat Four years to get a degree where you can go another route and start getting experience and being paid way sooner sounds like a better alternative for me Path BootcampBootcamps are great they are a condensed way to learn and acquire skills in a fast paced environment The downside is that unfortunately it s not for everybody They are usually expensive ranging from k to k and insanely fast paced The good thing is that they dive into specifics and don t go around the bushes when it comes to content and specialization Pros Good for teaching a skill set that s genuinely useful on the jobGet good fast based on how quickly you can learn Networking could be mentors could be new mates you made in the bootcamp in any case you can leverage that you re not learning in isolationMentorship and support from real professionals in the industry Cons ExpensiveFast paced some of them may be too fast They don t guarantee a jobCertificates of completion don t mean anythingQuality varies among them I ll recommend bootcamps if You have money to spendIt s on site take a holiday and do it right remote bootcamps have lower completion rates than on site and it s good to know and share with fellow coders and networkThey have a good career services program that can help you with your soft skills after you ve got the technical part so you can receive an offer as soon as possibleIt has a good track record and longevity in the industry because they will have the best mentors and the best quality of curriculum and personnel Path Self TaughtMy personal favorite self taught is well self explanatory You get yourself a few resources you like and get your hands dirty Pros CheapAt your own paceSince you re not following a rigid track you can learn from different sources and get the most updated information or maybe expand on topics you find more interesting Cons Difficult to stay focused and motivatedYou re missing out on networking opportunities which is a big oneLack of guidance or mentoringSome employers might not like that you don t have a traditional background so you might need to prove yourself in their eyes to get your first job I ll recommend self taught if You can t leave work to focus on learning to codeYou want to learn to code as cheaply as possibleYou already know your way around computers and know how to find good resources onlineYou are disciplined and consistent which is a big oneYou re not afraid to ask strangers for help And that s a wrap I hope you find this helpful Keep calm and code away Carlos	2023-04-24 14:04:31
Apple	AppleInsider - Frontpage News	iPhone 14 Emergency SOS via Satellite saved students stuck in a Utah canyon	https://appleinsider.com/articles/23/04/24/iphone-14-emergency-sos-via-satellite-saved-students-stuck-in-a-utah-canyon?utm_medium=rss	iPhone Emergency SOS via Satellite saved students stuck in a Utah canyonThe iPhone Emergency SOS via Satellite feature helped save three stranded students who were dealing with hypothermia and being stuck in a canyon The iPhone lineup has an emergency featureStudents from Brigham Young University decided to go on a trip before graduation to San Rafael Swell Recreation area filled with canyons and other geological formations They had read about a canyon in the area and wanted to check it out having been canyoneering for about a year Read more	2023-04-24 14:39:59
Apple	AppleInsider - Frontpage News	Apple's Q2 2023 should meet expectations, but June quarter may be rough	https://appleinsider.com/articles/23/04/24/apples-q2-2023-should-meet-expectations-but-june-quarter-may-be-rough?utm_medium=rss	Apple x s Q should meet expectations but June quarter may be roughWhile Apple s second quarter results are expected to meet Morgan Stanley s estimates investors should look beyond a potentially poor June quarter result and not panic An Apple Store logoApple will be releasing its Q financial results on May and Morgan Stanley doesn t think there will be too many surprises In a note to investors seen by AppleInsider the Q results will be in line with its expectations Read more	2023-04-24 14:29:08
海外TECH	Engadget	The UK will spend £100 million to develop its own 'sovereign' AI	https://www.engadget.com/the-uk-is-creating-a-100-million-ai-taskforce-143507868.html?src=rss	The UK will spend £ million to develop its own x sovereign x AIThe UK government doesn t want to sit idle while foundational AI models like ChatGPT flourish Prime Minister Rishi Sunak and Technology Secretary Michelle Donelan have pledged an initial £ million about million to establish a Foundation Model Taskforce The team will develop AI that ideally makes the country quot globally competitive quot and will work with the industry to make these systems safer and more reliable The taskforce is inspired by the COVID vaccine unit from the height of the pandemic The group will report directly to both the Prime Minister and Technology Secretary and have a chairperson announced this summer The funding comes alongside roughly £ million billion in the UK budget devoted to both an exascale supercomputer and dedicated AI research resources Officials aren t shy about their hopes The UK wants to have quot sovereign quot AI technology that spurs the economy while avoiding the ethical and technical pitfalls that have led experts to call for a six month pause on experiments Such models can sometimes be inaccurate or exhibit strange behavior such as refusing to answer questions or even criticizing users Donelan sees trustworthy AI as an edge in the field that can help create medical treatments aid public services and fight climate change To some degree the UK already has a major presence in AI Google s mainly London based DeepMind team produces cutting edge AI research for instance However the hottest systems in recent memory have been developed elsewhere ーChatGPT is the work of US based OpenAI The taskforce theoretically keeps British AI relevant despite this trend toward foreign born technologies This article originally appeared on Engadget at	2023-04-24 14:35:07
海外TECH	Engadget	Like it or not, a Call of Duty board game is coming in 2024	https://www.engadget.com/like-it-or-not-a-call-of-duty-board-game-is-coming-in-2024-141702572.html?src=rss	Like it or not a Call of Duty board game is coming in Those who are perhaps a little tired of playing Ticket to Ride or Settlers of Catan at Thanksgiving will have a new way to get mad at their extended family members starting next year That s because Call of Duty The Board Game is on the way Pre orders will start this fall on Kickstarter Activision teamed up with board game publisher Arcane Wonders along with Genuine Entertainment and Evolution to make the game Call of Duty The Board Game is said to be a fast paced blend of combat strategy and tactical planning However an announcement video that brings to mind the Marvel Studios production logo doesn t shed more light on how the game actually works What we do know for now is that as you may have guessed you and your companions will take on the guise of soldiers You ll battle your opponents with combat skills and a variety of weapons Arcane Wonders says there are a number of scenarios and gameplay modes to choose from while the action takes place across several maps from the Call of Duty games There s no word yet on whether you ll be able to set off a nuclear bomb in your living room if you reach a high enough kill streak to wipe out everyone and somehow still win the game More Call of Duty The Board Game details will be revealed in the coming months This article originally appeared on Engadget at	2023-04-24 14:17:02
Cisco	Cisco Blog	XDR and the Importance of Cross-Domain Correlated Telemetry	https://feedpress.me/link/23532/16089667/xdr-importance-of-cross-domain-correlated-telemetry	XDR and the Importance of Cross Domain Correlated TelemetryYou need enough data to correlate lateral attacks which is why a true XDR solution is such a game changer Learn more about this development	2023-04-24 14:55:56
Cisco	Cisco Blog	Simplify Your Security Operations with Cisco XDR, Launching at RSAC	https://feedpress.me/link/23532/16089668/simplify-your-security-operations-with-cisco-xdr	Simplify Your Security Operations with Cisco XDR Launching at RSACCisco XDR simplifies security operations allowing security teams to elevate productivity and stay resilient against the most sophisticated threats	2023-04-24 14:55:19
海外科学	NYT > Science	Northern Lights Are Seen in Places Where They Normally Aren’t	https://www.nytimes.com/2023/04/24/science/northern-lights-aurora-borealis.html	Northern Lights Are Seen in Places Where They Normally Aren tThe lights driven by a large burst of energy from the sun illuminated an unusually wide area across North America and Europe and may be visible again on Monday night	2023-04-24 14:31:22
海外TECH	WIRED	Inside U2's Boundary-Breaking Immersive Vegas Show	https://www.wired.com/story/u2-las-vegas-residency-the-sphere/	creative	2023-04-24 14:07:30
海外科学	BBC News - Science & Environment	LionLink: North Sea power line to connect wind farms to UK	https://www.bbc.co.uk/news/science-environment-65375943?at_medium=RSS&at_campaign=KARANGA	electricity	2023-04-24 14:11:59
金融	金融庁ホームページ	「金融機関のITガバナンスに関する対話のための論点・プラクティスの整理」の改訂（案）への意見募集について公表しました。	https://www.fsa.go.jp/news/r4/sonota/20230424/20230424.html	意見募集	2023-04-24 15:00:00
金融	レポート｜日本総研	中国グリーン金融月報【2023年3月号】	https://www.jri.co.jp/page.jsp?id=105118	Detail Nothing	2023-04-25 00:00:00
ニュース	BBC News - Home	Three teenagers killed in crash in Shipston-on-Stour named	https://www.bbc.co.uk/news/uk-england-coventry-warwickshire-65378201?at_medium=RSS&at_campaign=KARANGA	warwickshire	2023-04-24 14:53:34
ニュース	BBC News - Home	World Snooker Championship 2023 results: China's Si Jiahui seals 13-7 victory over Robert Milkins	https://www.bbc.co.uk/sport/snooker/65377412?at_medium=RSS&at_campaign=KARANGA	World Snooker Championship results China x s Si Jiahui seals victory over Robert MilkinsChinese debutant Si Jiahui completes a comfortable victory over Robert Milkins to reach the quarter finals of the World Championship in Sheffield	2023-04-24 14:17:18
仮想通貨	BITPRESS（ビットプレス）	コインチェック、5/13まで「Coincheckつみたて、キャッシュバックキャンペーン」実施	https://bitpress.jp/count2/3_14_13606	coincheck	2023-04-24 23:39:21