Recent
- Hiding database UUID primary keys of your web application
- Don't Repeat Yourself (DRY) with Jinja2
- SQLAlchemy, PostgreSQL, maximum number of rows per user
- Show the values in SQLAlchemy dynamic filters
- Secure data transfer with Public Key encryption and pyNaCl
- rqlite: a high-availability and distributed SQLite alternative
Most viewed
- Using Python's pyOpenSSL to verify SSL certificates downloaded from a host
- Using UUIDs instead of Integer Autoincrement Primary Keys with SQLAlchemy and MariaDb
- Connect to a service on a Docker host from a Docker container
- Using PyInstaller and Cython to create a Python executable
- SQLAlchemy: Using Cascade Deletes to delete related objects
- Flask RESTful API request parameter validation with Marshmallow schemas
Tags
AiohttpAJAXAlembicAlpineAPIApplication settingsAsyncBabelBeautifulSoupBootstrapCachingCaptchaCeleryColorsCompileCronCryptographyCSRF protectionCythonDecoratorDeep LearningDeepLDispatcherMiddleWareDistributionDNSDockerDocker SwarmDocker-composeEmailExceptionsFastAPIFlaskGunicornIconsIMAPInternetISPConfigJavascriptJinja2KubernetesLog fileLoggingMachine LearningMariaDBMessage brokerMultilanguageMultiprocessingPentestingPikaPostfixPostgreSQLProfilingPyInstallerpyOpenSSLPytestRabbitMQRedisrqliteScrapingSecuritySecurity testingSeleniumSlackSQLAlchemyTestingThreadsTimezoneToastsUbuntu TouchUUIDWeb automationWerkzeugWheelsWTFormsYouTubeHiding database UUID primary keys of your web application
29 March 2024 0
Peter
When you create a web application, you must be very careful not to expose too much information. If you use (auto-increment) Integer IDs in your database, then you are probably exposing too much already. Some examples. An Integer user_id makes it easy to guess how many new registrations you receive every day. An Integer order_id makes it easy to guess how many orders you receive every day. In addition, ...
Don't Repeat Yourself (DRY) with Jinja2
20 February 2024 0
Peter
I was trying some things with Jinja2, created a small Flask app, and thought why not share this. What I wanted to achieve was to put all page names in one template file. As with Python, when writing a lot of code, you must be careful not to repeat yourself with Jinja2. Before you know it, you end up with many template files containing the same types of information. And when you want to change something, ...
SQLAlchemy, PostgreSQL, maximum number of rows per user
5 February 2024 0
Peter
You have a multi-user application using SQLAlchemy and PostgreSQL and want to limit the number of rows per user of a certain table. For example, every user can have a maximum of five posts. You need an operation like: Lock the table Count the number of posts of the user If the number less than five: Add new post Unlock the table Else: Unlock the table Generate exception ...
Show the values in SQLAlchemy dynamic filters
18 January 2024 0
Peter
When using SQLAlchemy, I often use dynamic filters in my queries. This means that I start with a list with some conditions and add more conditions that depend on other variables.Here is a query with a static filter: # query with static filter product_colors = ['white'] stmt = sa.select(Product).\ where(sa.and( Product.category.in_(my_categories), Product.color.in_(product_colors), ...
Secure data transfer with Public Key encryption and pyNaCl
2 December 2023 0
Peter
This is a short post about transferring data safely between two persons. For this we use the Python pyNaCl package to generate private and public keys and to encrypt and decrypt the data. I also added the Python keyring package to store the private_key and public_key. Not really that difficult. I needed a basic class to do this and here I share it. Maybe you find it useful. As always I am developing ...
rqlite: a high-availability and distributed SQLite alternative
17 October 2023 1
Peter
In a project I am using a SQLite database. The data is not critical, it can be reloaded at any time. Still, I do not want part of the application to become unresponsive when the SQLite database is temporarily unavailable. I was looking for a fast, more or less fault-tolerant database, and also distributed, so I can replicate some reader modules. There are a few solutions that came up when searching ...
Should I migrate my Docker Swarm to Kubernetes?
15 September 2023 0
Peter
When you read posts on the internet saying that Docker Swarm is dead, you get scared. I have a Docker Swarm running and I like it, it's easy when you already use Docker. What are the alternatives? We read the whole time that there is only one thing to do and that is to migrate to Kubernetes and forget everything else. I was half-way migrating from Docker to Docker Swarm, and wanted to know if I should ...
Get a list of YouTube videos of a person
7 September 2023 0
Peter
A few days ago I got the question: Can you download all the public YouTube videos of a person, that were uploaded between 2020 and today. The total number of videos was about two hundred. And no, I could not get access to this person's YouTube account. In this post, I use the YouTube API to download the required metadata from the videos, one item per video. I looked in PyPI, but could not find a suitable ...
From Docker-Compose to Docker Swarm: Configs
29 August 2023 0
Peter
You have an application that consists of a number of Docker-Compose projects, and are using Docker-Compose to build, start and deploy. Now you want to go one step further and move some of the Docker-Compose projects to another server. The most obvious choice to do this, well to try first, is Docker Swarm. You learn a few more Docker commands and you're done. Is it really that easy? Spoiler alert. ...
Docker-Compose projects with identical service names
25 August 2023 0
Peter
If we have identical Docker-Compose projects with identical service names, connected by a Docker network, we must make sure that we access the proper service. Over a Docker network there are two ways we can access a service: By service name By container name I have multiple Docker-Compose projects that are almost identical, each project is in its own directory and has its own environment. I ...
X web automation and scraping with Selenium
11 August 2023 0
Peter
When you want to scrape data from the Web, you have to know what you're doing. You don't want to overload a target server with requests. If you do this from a single location, an IP address, you could get a (temporary) ban. If you want to scrape big, consider using a dedicated service such as ZenRows, ScrapFly, WebScrapingAPI, ScrapingAnt, etc. They distribute your requests across a lot of systems, ...
Aiohttp with custom DNS servers, Unbound and Docker
13 July 2023 0
Peter
Using aiohttp looks so easy, but it is not. It's confusing. The 'Client Quickstart' documentation begins with the following: Note Don’t create a session per request. Most likely you need a session per application which performs all requests together. More complex cases may require a session per site, e.g. one for Github and other one for Facebook APIs. Anyway making a session for every ...
Return only the values of a list of records from FastAPI
6 July 2023 0
Peter
In Python, everything is a class, which means that model data is similar to a dictionary. But dictionaries have keys. And when you return a list of many dictionaries from FastAPI, the size of the data, keys and values, is usually much more than twice the size of the values. Larger size and more time means that our application is not very efficient, slower than necessary. It also means it consumes more ...
Prevent IP address spoofing using Reverse path filtering
15 June 2023 0
Peter
This post is about system administration and has nothing to do with Python. Then why post this here? Because I believe there many like me who run one or more web servers and sometime run into these problems. In the previous post I wrote that my ISPConfig Debian server was subject to port scanning, etc. and that it appeared that 95% of all requests came from China unless ... these IP addresses were ...
Collect and block IP addresses with ipset and Python
21 May 2023 0
Peter
If you have a server connected to the Internet, you've probably seen this in your log files: lots of illegal external requests trying to access your services. I maintain a Debian server, and use Fail2Ban for intrusion prevention. Standard practice, install, configure and forget. Since the server was getting pulled down at certain times, I decided to take a closer look. I'm mostly into programming ...
How to cancel tasks with Python Asynchronous IO (AsyncIO)
2 May 2023 0
Peter
For a project I was using AIOHTTP to check the responses of many remote websites, URLs. The URLs were coming from a list. This list can contain duplicates. Everything fine until I noticed that some responses also had status code: HTTP-429 'Too Many Requests'. Whatever the reason, overload, security, we want to behave friendly and do not want to call identical URLs again, at least for a minimum time. ...
Run a Docker command inside a Docker Cron container
18 April 2023 0
Peter
When using Docker, your application typically consists of several Docker containers. Often, you want to run scripts inside these containers at certain moments, for example, every five minutes, once an hour, once a day. This is where the job scheduler Cron comes in, and there are several options on how to do this. In this post I create a separate Cron container, and use the Docker Exec command to execute ...
Creating a Captcha with Flask, WTForms, SQLAlchemy, SQLite
10 April 2023
Peter
In the past I wrote some code for a (text-only) Captcha for a Flask website. This is an update. Here I use a Pypi package to generate the image. Besides that I also added a Captcha image refresh button.You can try the code below, it is a (newsletter) subscription form. Although this is a Captcha solution for a Flask website, it can be converted into a Captcha server. Note that I use SQLite here for ...
Multiprocessing, file locking, SQLite and testing
30 March 2023 0
Peter
I was working on a project with SQLAlchemy and PostgreSQL. For a few tables, I wanted to limit the number of rows per user, and did this by adding a PostgreSQL check function and trigger. Manual testing every thing appeared to be working fine but what if a user would start multiple processes and add rows at exactly the same time? I added the 'pg_advisory_xact_lock' but will this really work? Did I ...
Sending messages to Slack using chat_postMessage
23 March 2023 0
Peter
For a project I was already sending messages by email, but now I also wanted to send messages to Slack. Of course, we are using the Python Slack SDK. The documentation can be found on the page: Python Slack SDK - Web Client. In this post I create a simple SlackAPI class with its own SlackError exception class. Create and configure a new Slack App We will be sending our messages to a Slack Channel. ...