Month: October 2016

“A mind for numbers” book review

I’ve just read A mind for numbers by Barbara Oakley. I really liked the book and the way the information is presented there. In this post, I’m just going to provide a little summary on what this book is about. What I am writing here is just what I liked and had impression of.

States of mind. So the main idea of the book is that humans have two types of thinking – focused and diffused. The focused thinking implies that you intentionally think about some problem and try to solve it. Diffused thinking is opposite, you do not intentionally think about the problem and make no attempt to solve it.

These two states of mind always change each other and have their own pros and cons. For example, focused thinking is required in order to start solving a problem. You cannot solve a problem before you focus on it and intentionally try to solve it. But there are so many tough mathematical problems, that you cannot stay focused on it all the time and diffused thinking comes in.

In order to solve mathematical (and not only) problems, one should use both states of mind. The focused thinking collects information to process and does some processing on it too, but diffused thinking makes only processing using all the resources of the brain. It is important to start with focused thinking and and push it really hard, so that diffused state has required resources and can process it in the background.

Portions of information. When reading a technical book, always try to go through the whole chapter and read statements, look at the pictures and graphs, citations and other highlighted staff. This will help you to form portions of information so that when you start reading it from the beginning of the chapter, your mind can construct the full picture of what is going on.

When you are done with the chapter, always close the book and try to pull everything you can from your memory without looking into the book. It is proven that remembering works better not when you reread what you want to remember, but when you pull it from your memory. If you cannot do it for the first time, just reread it and try again. It works like a charm.

Procrastination. Habits are the actions that we used to do. They have three phases:

  1. Signal. It is when you receive a signal from the outer world.
  2. Action. This is the action you do after the signal is received.
  3. Compensation. (not about money) After the action is done, we feel good or bad, which determines whether we will continue to do this action next time.

The problem of procrastination is that the Compensation part is very pleasant. Lots of people scared of doing math and they even feel pain when thinking about it. What do you feel when thinking about your favorite youtube channel? I can guess, it is pleasure. That is why it is hard to do math and easy to procrastinate watching youtube videos or surfing the web after funny pics and etc.

In order to stop procrastinating, one should make compensation part more pleasant. Stating a goal to finish a task is a good way to increase compensation saying that you are done with a big part of the task. Changing the reaction to a signal is also helpful. For example, you’ve got a pic from your friend on WhatsApp and instead of chatting, you should keep working on the task. It is always good to turn off the Internet and sound on your phone while working.

Other tips. 

  • When you do not want to do something, but you know that it is important, just start doing it and you will see that it is easier than you thought.
  • When remembering something, always try to visualize it, because human’s brain works better with graphical staff than written staff.
  • If you think that you do not know about something because of someone else, you are mistaken. You are the only one who is responsible for your knowledge.
  • Tests and exams are good for you. As they make you to pull the information from you memory, what helps you to remember better.
  • Never give up 🙂

Central Authentication Service (CAS) implementation using Django microservices

Microservices are popular these days and a lot of companies tend to move from monolithic architecture to distributed ones.  I’ve just finished implementing CAS for Django microservices at BeSmart. I tried to find some tutorials on the subject, but didn’t find anything except for the official documentation on readthedocs.org, so I will try to make other devs’ lives a little bit easier.

Prerequisites

In this tutorial, I will be using Django framework for microservices. And then I will use django-mama-cas and django-cas-ng packages. So before beginning, make sure you go through the official documentation of the packages and get familiar with them.

django-mama-cas is CAS server package adapted to Django framework.

django-cas-ng is CAS client package adapted to Django framework.

The Central Authentication Service (CAS)

Before beginning, we need to understand what CAS is and what problems it solves.

The Wikipedia says: The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials (such as user id and password) only once. It also allows web applications to authenticate users without gaining access to a user’s security credentials, such as a password. The name CAS also refers to a software package that implements this protocol.

In other words, CAS consists of two parts – the server part and the client part. I have a very good analogy of what CAS is. Say, your are going to a live concert of your favorite band. So, your application you want the users to authenticate to using the CAS protocol is the concert itself. There are ticket-agents that sell and validate tickets to the concert. The ticket-agent is the CAS server that gives the users permissions to access your application and validates their access credentials. And of course, people that go to the concert are CAS clients that get tickets and go to the concert.

Django microservices with CAS

Say you are building online shopping web application. So microservices will probably go like django-shop, django-billing, django-auth.

django-shop will present the products to users.

django-billing will accept users’s money for the products.

django-auth will authorize users, so that they have access to other two microservices.

Django-shop and django-billing both need provide users with authentication interface. You do not want users to provide their login and password to the first app and then repeat the same when purchasing goods. You want users login one time and have access to all your microservices.

I will not explain how to create django projects. You can find tons of tutorials on the subject if you google it. Just create the above three projects using virtualenv and continue here.

So, we have two CAS clients (django-shop and django-billing) and one CAS server (django-auth).

 

Django-auth project.

We will setup django-auth project first. Activate the environment and then do the following:

pip install django-mama-cas                # install CAS server package

Add django-mama-cas package to the list of installed apps in your settings.py file.

INSTALLED_APPS = (
    # ...existing apps...
    'mama_cas',
)

Once added, run ./manage.py migrate to create the required database tables.

Now we need to setup urls:

urlpatterns = [
    # ...existing urls...
    url(r'', include('mama_cas.urls')),
]

This makes the CAS server available at the top level of your project’s URL (e.g.http://127.0.0.1:8000/login)

MAMA_CAS_ENABLE_SINGLE_SIGN_OUT = True

Now add the following setting to your settings.py file. This will make sure that when you logout from one microservice, the CAS server will send logout requests to the rest of microservices.

MAMA_CAS_SERVICES = [
    {
        'SERVICE': 'http://127.0.1.1:8000',
        'CALLBACKS': [
            'mama_cas.callbacks.user_name_attributes',
        ],
        'LOGOUT_ALLOW': True,
        'LOGOUT_URL': 'http://127.0.1.1:8000/accounts/callback',
    },
    {
        'SERVICE': 'http://127.0.2.1:8000',
        'CALLBACKS': [
            'mama_cas.callbacks.user_name_attributes',
        ],
        'LOGOUT_ALLOW': True,
        'LOGOUT_URL': 'http://127.0.2.1:8000/accounts/callback',
    },
 ]

This setting is important. MAMA_CAS_SERVICES setting contains the information about CAS clients that will be able to authenticate to the CAS server.

As you probably have noticed, the SERVICE setting contains 127.0.1.1 and 127.0.2.1 as hosts. It is important to keep hosts for every microservice different since the authentication cookies will be saved to hosts, not ports.

The LOGOUT_URL setting contains the url where a request will be sent when user logs out from any service connected to the CAS server.

That is it for the CAS server.

Django-shop project.

Now we will setup our CAS client Django project. Activate the corresponding environment and run the following command:

pip install django-cas-ng                # this will install CAS client

And add this app to the list of INSTALLED_APPS:

INSTALLED_APPS = (
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'django_cas_ng',
    ...
)

Also, we need to add it’s middleware to our settings.

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    ...
)

And in order to authenticate from CAS server, add AUTHENTICATION_BACKEND

AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend',
    'django_cas_ng.backends.CASBackend',
)

And finally, add the following settings.

CAS_SERVER_URL = '127.0.0.1:8000'
CAS_VERSION = '3'

CAS_SERVER_URL contains the url of the CAS server, so that this app know where to redirect when user wants to authenticate.

CAS_VERSION is the version of the CAS Protocol. We will use the third version since it is tested well by django-mama-cas and django-cas-ng packages.

Now go to the main urls file and add the following urls so that proper authentication form is loaded.

import django_cas_ng

url(r'^accounts/login$', django_cas_ng.views.login, name='cas_ng_login'),
url(r'^accounts/logout$', django_cas_ng.views.logout, name='cas_ng_logout'),
url(r'^accounts/callback$', django_cas_ng.views.callback, name='cas_ng_proxy_callback'),

It is clear what first two urls do, they just use login and logout views of the django-cas-ng package. The last url processes logout request that come from the CAS server. (Look at the LOGOUT_URL setting of the django-auth settings.

Once added, run ./manage.py migrate to create the required database tables.

Django-billing project.

Do the same as for django-shop project.

 

Conclusion

Hopefully, it did not took too much time. I would recommend you to look at the official documentation and check for other functionalities of these packages. Also, make yourself familiar with the CAS protocol itself so that you can build more with this protocol.

And do not be shy to ask question!