Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "authentication"
I fucking want to skin alive my engineering senior director and VP.
Fucking piece of shit people. Looking at their faces from behind the screen, I can sense them stink doneky balls.
They have made my life hell.
The entire tech architecture is absolute shit in nature and engineers cannot even build a single blue colour button without creating a major fuss about it.
Every single aspect of product is built kept in my only the engineer persona. Everyone else can go and suck a racoon's dick.
And they have no concept of tech debt. They just keep building and building stuff. And then build some more.
Entire engineering org is in rush to ship shit at the end of sprint and if they don't then VP and Director are pissed. So to keep those two half witted donkeys happy, these people ship garbage. And all they comment is "cool, very cool".
And hence, entire fucking product is built because it's cool irrespective of whether it solves a problem or not.
A single user role authorisation or authentication is so fucking complex that it would take an eternity for even a developer to figure what's happening.
Fucking toxic human wastes.
There's a company wide mandate to use a certain tech stack, design guidelines, and a vision that all teams have to align. But these faggots are going in opposite direction to do what they feel like and forcing everyone else to ignore all other engagements or alignments with other teams.
These two people should be skinned alive in town square during noon and then left there until they dehydrate entirely. Fucking baboons.
I am so fucking pissed with such mindset.10
Good morning to everyone, except that one Twitter dev who one day woke up and was like "YOU KNOW WHAT, MY APPLICATION WILL FEATURE BOTH OAUTH1 AND OAUTH2 ENDPOINTS, BUT SOME FEATURES WILL BE EXCLUSIVE TO EITHER OF THE TWO -NOT NECESSARILY THE MOST RECENT, JUST A RANDOM ONE-, AND ALSO THE OFFICIAL TWITTER LIBRARY WON'T COVER ALL THE ENDPOINTS SO PEOPLE WILL HAVE TO RESORT TO RAW HTTP REQUESTS INSTEAD OF USING MY SDK AND ALSO I'MMA MAKE DEVELOPERS FILL 2 VERY DETAILED FORMS, REQUIRING PERSONAL DATA AND ACTUAL REAL PHONE CALLS, JUST TO START DEVELOPMENT WITH 7 DIFFERENT AUTHENTICATION TOKENS, BECAUSE SOME REQUESTS WILL REQUIRE A DIFFERENT AUTHENTICATION METHOD THAN THE OTHER REQUESTS DESPITE ALL OF THEM PERTAINING TO THE SAME FUCKING ENTITY"3
Today is the release of one of the projects I’ve been working on. It was a chaotic project, where I’ve had to contact many people just to get pieces of information necessary to complete the project. Anyway, today the manager ask what the URL of the web app is to give it to the client except I already warned him prior that since we don’t have the domain name for the web app it wouldn’t go past the authentication. But guess what happened? Yep that’s right it’s my fault yet again.
I keep warning my manager about potential issues with the projects I’m working on but they fall on deaf ears, and when the actual problem happens it’s all my fault because I didn’t check it earlier, I didn’t make a mail, I shouldn’t use Teams to tell him about it, I should monitor more closely, etc, despite having no time allocated whatsoever.
In short I work 7 hours a day but should have 9 to even get close to what I need to do, and I’m blamed with problems that I warn about3
Yeah, fuck all the authentication/authorization framework I build, just access manage resources directly and leak stuff, assign it to wrong accounts and don't even check if they should be able to with that eye shore you call code1
Somebody: (whinwy) we need something to log into nonprivileged technical accounts without our rootssh proxy. We want this pammodule pam_X.so
me: this stuff is old (-2013) and i can't find any source for it. How about using SSSD with libsss_sudo? Its an modern solution which would allow this with an advantage of using the existing infrastructure.
somebody: NO I WANT THIS MODULE.
me: ok i have it packaged under this name. Could you please test it by manipulating the pam config?
Somebody: WHAT WHY DO I NEED TO MANIPULATE THE PAMCONFIG?
me: because another package on our servers already manipulates the config and i don't want to create trouble by manipulate it.
Somebody: why are we discussing this. I said clearly what we need and we need it NOW.
we have an package that changes the pam config to our needs, we are starting to roll out the config via ansible, but we still use configuration packages on many servers
For authentication as root we use cyberark for logging the ssh sessions.
The older solution allowed additionally the login into non-rootaccounts, but it is shut down in the next few weeks after over half an year of both systems active and over half an year with the information that the login into non-privileged accounts will be no more.7
Twitter developers will authenticate half of their endpoints with some authentication method and the other half with a totally different one (which doesn't work) and their sales team will have the guts to contact you to check if you're still interested to access their API.
My only interest is feeding your corpse to the ravens.2
Sometimes while working I find a subproblem that is isolated from the original problem domain, for example token renewal in an RTR authentication system. I take note of what I've been working on, clear my head of the broader problem write an exact specification of the subproblem. Then I code to that specification. The result is usually a self-contained open-source module which continues to improve my pace of work for years to come.
Mongodb CEO and the developer who build this shit for brains interface should be tarred and feathered. Almost 90minutes in and I cannot connect to anything other than error codes. What in the actual fuck is your job other than to make it difficult for a "free tier" user to connect?
"connect ECONNREFUSED 127.0.0.1:27017"
Oh ok another 20 minutes of work and you give me a bland beige error code like "```TLS/SSL is disabled. If possible, enable TLS/SSL to avoid security vulnerabilities.```"... um ok how do I enable it for your site, your database or on my computer... oh wait you don't say shit do you?
So now I'm fully 81 minutes into this shit show and all I get for error codes are these really descriptive gems 'getaddrinfo ENOTFOUND cluster0.hudbd.mongodb 'dot' net` comes up if I choose `mongo` with "connection string scheme" above it or `bad auth : Authentication failed'7