Introduction Mail received at SES, It will automatically save to S3 Bucket. SES can start up Lambda at the timing it received and store it directly in DynamoDB or RDS. However, in order to prevent DynamoDB capacity limitation and mail failure due to failure, I decided to save it to S3 for the moment. Then, if you start Lambda with the save to S3 as a trigger, it will become
Read More →
Pros of JWT validate the access token without accessing the database get user ID etc from access token without accessing database Pros of JWT-RS Even outside the source of the access token, verify validity and acquire user ID etc using public key How to generate RSA key $ openssl genrsa 4096 > prikey.txt $ # Generate public key $ openssl rsa -pubout < prikey.txt > pubkey.txt $ # Convert secret
Read More →
To save passwords, BCrypt is better than SHA hash Pros Protect against rainbow table attacks (Generate different hashes with the same password) Resistant to brute-force attacks Setup Updating your dependencies // build.gradle dependencies { compile "org.springframework.security:spring-security-core" } Usage ... user.passwordHash = BCryptPasswordEncoder().encode(password) user.save() fun login(userId:String, password: String): Boolean { ... if(!BCryptPasswordEncoder().matches(password, user.passwordHash)){ return false } return true }
Read More →
In AWS (ECS / EC 2), when using database password or RSA secret key, It is good to obtain from AWS Secrets Manager Terraform settings AWS Secrets Manager Create AWS Secrets Manager with terraform resource "aws_secretsmanager_secret" "something" { name = "${var.app_name}/${terraform.workspace}/something" kms_key_id = "${aws_kms_key.main.key_id}" } resource "aws_secretsmanager_secret_version" "something" { secret_id = "${aws_secretsmanager_secret.something.id}" secret_string = "{}" lifecycle { ignore_changes = ["secret_string"] } } IAM Role Add permissions to read/write values to
Read More →
Truncate All Tables(for Testing) /// Delete Tables Component @Component class DataCleaner( private val dataSource: DataSource, private val entityManager: EntityManager ) { private var tables: List<String>? = null fun deleteAll() { dataSource.connection.use { con -> // Safety if (!con.metaData.url.contains("unittest")) { throw Exception("DANGER!!!") } if (tables == null) { tables = con.metaData.getTables(con.catalog, null, null, arrayOf("TABLE")).use {
Read More →
Add @EnableScheduling to the Application class @SpringBootApplication @EnableScheduling class Application { companion object { @JvmStatic fun main(args: Array<String>) { SpringApplication.run(Application::class.java, *args) } } } Add @Sccheduled to the background method @Service class BackgroundRunner { @Scheduled(fixedDelay = 1000 * 60 * 60) // Run every hour fun doSomething() { ... } }
Read More →
@Entity data class User( var id: Long, var name: String?, var age: Int, ... ) class UserSummary(var id:Long, var name:String?) interface UserRepository : JpaRepository<User, Long> { fun findOneById(id: Long): User? fun <VIEW> findOneById(id: Long, type: Class<VIEW>): VIEW? fun <VIEW> findByIdIn(ids: List<Long>, type: Class<VIEW>): List<VIEW> // Using @Query failed to narrow the select column by passing type // @Query("from org.example.User where id in :ids") // fun <VIEW>findByIds(@Param("ids") ids: List<Long>, type:Class<VIEW>): List<VIEW>
Read More →
Unlike Java, in the case of Kotlin, using JDBC directly does not become too redundant Data acquisition method 3 patterns EntityManager @Component class Clazz1( private val entityManager: EntityManager ){ fun procSomething() { val rows = entityManager.createNativeQuery(""" select id, field1 from table1 """).let { q -> q.resultList } } } JpaRepository @Entity data class AnyData( val id: Long, val field1: String ) interface AnyDataRepository : JpaRepository<AnyData, Long> { } @Component class
Read More →