Jeroen Meeus is a developer that knows how to appreciate his glass of CH3CH2OH with well written code to read on a lazy sunday. When frustrated, he tends to share those frustrations at his so-called blog.
When building an awesome web app or website, we sometimes want people to be able to embed parts of our web app/website into their own. That could be an iframe holding a ‘like’ button, a simple image that they want to reuse or even our entire app embedded in an iframe.
But how do we control who has access, who is allowed to use up our bandwidth and query our service?
We define the problem as > controlling access to assets
By assets we mean: anything that can be queried from our site.
Allow some, block all
When talking about access control, we enter the domain of security. And when talking security, whitelisting should be the approach taken to tackle the problem. It is easier to control who is allowed to access your assets than it is to control who is not. It is simply impossible to know all the boogie monsters of the internet.
To protect our assets, we hire a gatekeeper to only let the ones we trust in. Once hired, we give him access to a whitelist we control, and let him do all the heavy lifting.
Repositories, Adapters, MVC with all it cousins, SOLID, RTFM… As a (PHP) developer, those words are thrown at you from every corner of the web. And I hate it, I’ve had enough. Stop telling me what to do and show me those kittens instead.
Software solves problems
We don’t just write software. Code doesn’t fall out of the sky into our files. We analyze the requirements, split them into small problems we know how to solve, and then we solve those small problems. Every line of code you write, have written and will ever write solves a certain problem. Be it to save the world, show kittens on a screen or make it look good in IE8. It’s there for a reason, don’t you touch it!
Problems are solvable and the solutions for these problems become part of something bigger. A black box that satisfies all initial requirements. But how do we solve these problems? Is my solution the best solution? Will other developers (or me in 2 months) understand what I did here?