1. 19
  1. 5

    First technical post I’ve written. Would love to hear any feedback you might have.

    1. 3

      Congrats on your first post!

      I’ve used https://excalidraw.com/ for drawing diagrams for blog posts and presentations, it’s pretty neat.

      1. 1

        Awesome, thank you! This is exactly what I needed. I was spending so much time trying to make the diagrams look nice and ultimately said screw it, I’ll just make something that works. The site you linked looks perfect though! Super easy and informal style.

    2. 2

      Hi, congrats on your first article! I didn’t knew Cloudflare supported an equivalent to Amazon lambda function.

      Having read a lot about Oauth in the last few weeks, I learned something that you may find useful: In the case of Google, there is actually a way to get the user email without the worker: you can use Oauth implicit flow. If you specify id_token in response_type, it will use an implicit flow, which does not require a clientSecret (only your client id, but that is not something that need to be kept secret). Google seems to secure this by making you register what is the valid domain from which the call can be made. When the flow is completed and the final redirect occur, the token will be included directly in a URL hash fragment that you can read with JS (rather than a code to obtain said token). That token is a JWT that will contain the user email.

      If you use google sign-in or their provided google api javascript library, I think you can even get the information without ever leaving your app (you simply provide a javascript callback for when the authentication has completed)

      You can check it out at https://developers.google.com/identity/protocols/oauth2/openid-connect and https://developers.google.com/identity/protocols/oauth2/javascript-implicit-flow

      Sadly, GitHub does not support any of this, so you do require the worker function in their case. This ultimately mean that your solution is the most generic possible, so, nice one :)

      1. 2

        Good to know. I ended up implementing OAuth on Netlify using their Lambda adapter last week because I wanted to be able to connect to Google Docs. I guess I still would have needed Lambda for the docs processing I wanted to do, but in theory it could be moved to WASM and done as purely static pages.

        1. 1

          Wow, thanks! I didn’t know this. The Google docs in general for getting email information via OAuth seem slightly outdated. I had to rely on a Stackoverflow answer from 2019 because the API they said I should query in their docs wasn’t working. Yeah I’ll keep it as is for now so that it’s consistent, but thank you for suggestion. I’ll definitely remember that for the future :)