Better Pipelines with Monadex

Before I get started, let me be blunt, this is not another monad tutorial. The world has enough of those already. I’m not going to write about functors and applicatives or other technical theory. This is just a post about how a particular monad made my life better. The Problem: Network Requests I’m building a Phoenix app where people can buy something. So, I needed to integrate with my favorite gateway, Stripe, which involves making a series of network requests each time a user makes a purchase. [Read More]

How to Run Elixir in Cloud9's IDE

Cloud9 is a great web-based development platform. If you don’t have access to a dedicated machine you can set up for development, or if you just prefer to keep all your coding in neat, tiny VMs, Cloud9 could be just what you’re looking for. It’s particularly good for students learning to code. Cloud9 doesn’t provide an Elixir-specific workspace template, so you have to configure one yourself. Here’s how to do that: [Read More]

GenServers as Concurrent Objects

This is a post for fellow object-oriented developers trying to get their heads around how Elixir/Erlang use processes as a basic abstraction, rather than classes and objects.

[Read More]

Elixir as an Operating System

I recently was using a Synology Diskstation, and I was very impressed by their web admin interface. They have successfully emulated a desktop operating system, complete with downloadable programs, file browsing, and more. You can manage the whole system from the browser in a way that feels very much like Windows 7.

[Read More]

Avoid Long-Lived Feature Branches

Today, I intend to rail against the evils of long-lived feature branches. Having collaborated on a number of projects where they happened, I’m now convinced that they are almost always the wrong way to go.

[Read More]

Fixtures for Ecto

When you test an Elixir app that uses Ecto, you will find yourself needing a way to insert test data into the database. There are many different approaches to doing this, and I thought I’d cover a few, and then describe what I think the best approach is for Elixir.

[Read More]

Changing Your Ecto Encryption Key

Author’s Note: I’ve released an open-source Hex package that implements the approach to encryption I describe in this post. Read the announcement post here.

READ THIS FIRST: Encrypting Data with Ecto

In an earlier post, I wrote about how to encrypt data with Ecto, Elixir’s database library. However, I didn’t cover how to change your encryption key, which you’ll definitely want to do periodically. I want to show how do that in this post.

[Read More]

Encrypting Data With Ecto

Author’s Note: This post has been substantially updated since it was first posted. A much stronger crypto implementation has been used and the code has been reworked to be cleaner and more efficient.

I’ve also released an open-source Hex package that implements the approach to encryption I describe in this post. Read the announcement post here.

In the future, as privacy becomes more and more of an issue, we’re going to be encrypting a lot more of the data we store on the web. With that in mind, I thought it would be a good idea to figure out a good way to integrate data encryption with Elixir’s database library, Ecto.

[Read More]

Rate Limiting a Phoenix API

In my spare time, I’ve been working on a little Phoenix project that involves a JSON API. Developers frequently neglect rate limiting when they build an API, assuming they are even aware that it is a best practice.

It’s true that in many cases rate limiting isn’t worth the effort, but when it comes to authentication, it definitely is. For example, the recent high-profile iCloud security breach which released celebrity photos in to the internet could have been prevented had Apple implemented rate limiting on one of their authentication APIs. This would have prevented the brute-force attack that the hackers used to guess the celebrities’ passwords.

[Read More]