Implementing U2F Authentication With Hardware Keys Using Node.js and Vue.js

January 7, 2019 Nic Raboy

Not too long ago I had written a tutorial titled, U2F Authentication with a YubiKey Using Node.js and jQuery, which demonstrated how to use hardware keys as a means of universal two-factor (U2F) authentication. However, I had left some things to be desired in that previous post. For example, the previous tutorial did not use proper session management with Express.js and it used jQuery, which is neat, but by no means is as popular as some of the other web frameworks that currently exist.

In this tutorial, we're going to expand upon what we had done previously, but implement proper session management with Express.js and use Vue.js, which is a modern web framework.

Writing Self Hosted Alexa Skills With Golang

January 2, 2019 Rob King

A couple of years ago I was lucky enough to win an Echo Dot in a company hackathon. Since then I have been trying to develop Alexa Skills that interest me in my spare time. Before exploring this new field of development, I had been interested in learning and practicing a language that was new to me, Golang (or just Go). Considering Alexa skills are based on web services, one of the area where Go excels, it seemed like a great way to "have my cake and eat it too."

It was a couple of months ago when I came across a great post by Nic Raboy on writing about writing Alexa Skills with Golang and AWS Lambda which can be found here. Most of the Skills I have developed started before Lambda had first-class support for Go so I am much more comfortable writing Skills using self-hosted web services. Using Lambda for Alexa Skills is definitely a great approach but there are some instances where using your own server might make more sense. If you are looking to reuse an existing server or rapidly prototype an idea then maybe it makes more sense to use this approach.

In this post, I will detail the steps necessary to deploy a web service that can be used to fulfill Alexa Skill requests. To make it easier to compare this approach with using Lambda, the functionality of the Skill will remain almost identical to Nic Raboy's example. It is only the deployment process that will be changed.

My Activity Report For 2018

December 24, 2018 Nic Raboy

The 2018 year is winding down so it is time to reflect on some of the things that have happened in terms of The Polyglot Developer and all of its channels.

Let this be a statistics report for everything that has happened on the blog, YouTube channel, and podcast. If you're interested in adventuring into the world of technical content production, this will give you some perspective into what to expect.

Manage Sessions Over HTTPS With Node.js And Vue.js

December 17, 2018 Nic Raboy

A long time ago when I had been exploring session management in Node.js, I had written a tutorial titled, Session Management in Your Express.js Web Application. This was a basic tutorial that is still very functional today, however little things have changed since then when it comes to how the web works. For example, in 2015 HTTPS was never a requirement and we weren't exposed to all the frontend web frameworks that exist today.

When you start introducing things into your web applications such as HTTPS or micro-services that operate on different origins or ports, or frontend frameworks, session management can get a little more complicated. We're going to see how to maintain a session for a user using Node.js with Express.js on our backend and Vue.js on our frontend, in this tutorial.

The Community Contributions Of 2018

December 10, 2018 Nic Raboy

With the 2018 year coming to an end, I wanted to take a moment to appreciate the guest content that was submitted and published on The Polyglot Developer this year. While I love sharing technical content with everyone, I love it even more when the community gets involved and does the same.

Let's take a look at the guest tutorials that appeared on the blog and the guest authors that wrote them.

Manage Passwords With GPG, The Command Line, And Pass

December 3, 2018 Nic Raboy

There are a lot of password managers on the market, some in the cloud, some local, all with features that may or may not be useful in all circumstances. I'm personally an advocate of being in control of your secure information and shedding reliance on closed source or cloud alternatives. This is why I use pass, the standard unix password manager.

The pass application is Mac and Linux compatible, but Windows support probably isn't impossible. The application works by maintaining a list of password files that have been encrypted using GPG, a widely used cryptography software. Decrypting the files will result in access to your password information.

We're going to take a look at using pass and see why it is a convenient option for password management.

U2F Authentication With A YubiKey Using Node.js And jQuery

November 25, 2018 Nic Raboy

About a week ago I had written about using HTTPS with Node.js and hinted at hardware based two-factor authentication as my reason for needing it. In case you're unfamiliar with 2FA, there are numerous approaches ranging from HMAC-based one-time passwords (HOTP) and time-based one-time passwords (TOTP) which are software based, to the hardware based universal two-factor (U2F) standard.

If you've been keeping up with the blog, you'll remember I had written a tutorial titled, Implement 2FA with Time-Based One-Time Passwords in a Node.js API, which focused on the software side of things. I recently picked up some YubiKey dongles and thought I'd try my luck with the hardware side of things.

In this tutorial, we're going to see how to implement U2F functionality in our Node.js powered RESTful API and interact with the API and our hardware dongles using jQuery in the web browser.