xdayfit

Currently I’m implementing some communication with vault.
It’s half-way there, however there are some flaws.
Stay tuned!

Finished majority of frontend - currently it’s mostly placeholder (auth works however)
Right now I’m working at implementing mossy-vault <––> mossy-passwords communication, and implementing statistics microservice. Hopefully I will finish everything before flavortown ends
Cross your fingers!

Finally, there is auth logic on frontend (login/register), now I’ll focus on adding dashboard view to complete MVP version of frontend, and I’ll focus on implementing vault/password management related logic.
See ya!

Just implemented sign up tab, so rest of auth flow will be implemented pretty soon.
Btw reacts makes working with fronend super fun, it’s so so cool.
See ya!

Hi there!
Currently I’m writting mossy’s frontend, it’s looking pretty good for now, but it is not functional (no backend integrations for now).
Also I’ve improve unit test coverage in some microservices.
Frontend will be there in few days.
See ya

Hi there!
Just finished logic for synchronizing keys for vaults, using websockets,
It works like that:

1. During device registration, device provides DH_p and ID_p keys (X25519 and Ed25519).
2. If there are already other devices registered, then sync room is created.
3. Both peers join room
4. Sender sends encrypted master key (MK)
   Also I’ve made protection against anti-replay attack (used sends a signature from random nonce and dh public key (DH_p) so request cannot be replayed)
   That’s it for now!
   See ya

Hi there!
Finally, after looong time I’ve finished authentication logic (over 4k lines of code!), I’ve added option to logout from account, and many many tests for super-fast testing. Now I can focus on domain logic, and making some frontend.
Bye!

Hello.
After 5h I’ve figured out some things about starters in Spring Boot. Turns out, that you can’t declare @ControllerAdvice and SecurityFilterChain inside of an starter. Best part? Framework throws some random runtime exception, that leaves you confused. Anyway, authentication flow is ready, currently I will write some tests, and I’m looking forward to merging it.
See ya

Hi there!
From last devlog I’ve improved majority of auth logic: right now architecture is perfectly scallable, so replicing microservices is not a issue no more. JWKS flow was redesigned: there is now a dedicated microservice for just receiving and displating well-know JWKS. Also logging in via credentials works flawless. I’ve also improved many other things (such as JWKS fallback to http if RabbitMQ fails).
See ya soon,
hopefully I’ll return with working auth logic, cross your fingers!

Hi there!
For the last 7 hours I have been working on the authentication system (JWKS, OAuth, etc.). I have also learned React, so I can write Mossy’s web extension all by myself. The prototype of the web extension is halfway there. However, to develop it further, I need to finish the auth system.

See you soon!

Hi there!
I’ve successfully managed to design, and code majority of domain logic microservices, vault now, communicates with backend with STOMP + SockJS, it’s stable, and real-time. I am looking forward to writing authentication related microservices.
See ya!

Hi!
Mossy is kinda complicated project, so for most of the time I was figuring out a way to make everything secure. Mossy vaults (place where Mossy will store passwords at your self-hosted environment) will communicate with core (global backend microservice) via WebSockets. I’ve also figured many many other things. In terms of actual coding I’ve created “vault” and “core” microservices with basic logic. I’m really excited to work on this project overall!
See ya soon

Hi there!
Aurora is ready to go (or at least I think it’s ready to go), I’ve improved many many things. Here are most important things:

• Added resume deletation
• Added templates language versions
• Fixed many many bugs
• Migrated uploading to use multipart form data, instead of pure JSON
• Probably more!

Yo!
In recent changes, I’ve fixed major stability issues. Turns out pure WebSockets are not as stable as I would like (no heartbeat, no fallback), so WS communication was migrated to SockJS, and it works perfectly! Also, I’ve made a change: instead of seeing the profile image you used in your resume, you now see the top part of the generated resume. I think it’s pretty nice.
See ya soon!

Hello there,
Today I’ve made major changes to UX, it’s so so much better right now, whole process feels like magic ! Some things that were unstable (e. g auto-generation) are working pretty good right now. Still there are very little bugs / flaws here and there, but I’m gonna fix them tomorrow, overall I’m happy with the result.
See ya!

Hi there!
This 3h worth of coding was about making final touches such as adding some fields to dtos, and integrating backend with frontend (I hate you CORS), still there are some flaws, but most of the work is done.
We’re really close to finishing this project, see you soon!

Hello there!
Finally we’ve managed to successfully implement logging in / registering via OAuth2, Also I made minor improvements to CORS, and I’ve migrated logging system to use cookies, instead of authorization header. The last thing that I’ve improved are ways to fetch data from backend.

Hello,
Today I’ve implemented OAuth2 login system, thanks to that, Aurora now supports logging in with your GitHub and Google account. I’ve also made other, minor improvements to whole auth flow.

Today I improved several things in Aurora.
First, my friend asked me to add some fields to the /getAll endpoint, which I did. While working on that, I noticed something was really off, the response body with just one resume was 29 MB. Profile images are now compressed and scaled before saving, which reduced the /getAll response size to about 500 KB (impressive, huh?).
Second, I worked on implementing additional features for the new unified tracking system. It works, but still needs some testing before being sent to production.
Lastly, I updated Aurora’s website icon, it looks much better now.

Today I’ve made a major progress in unifying the status tracking system. Each action such as: autogeneration, translation, enhancement is now tracked with dedicated tracker, and each status change is being send by websockets protocol. Tracking system is not perfect yet, but I think it will be ready tomorrow. Stay tuned!