Derek Zeng

Loneliness is the gift of life

How to design a proper permission system

Any content management system must have a robust "auth" component. "Auth" stands for authentication and authorization. Authentication is an well talked topic. Authorization is the interest of this ...

Read more

Stack Overflow

I am a veteran stack overflow user. Most of time I only read answers I needed. I rarely find any questions I can anwser because, they are either already handled by other professional or too compli...

Read more


这几年我都没有买什么电脑,因为公司里的笔记本可以带回家用,速度快,屏幕好,用的很爽。我自己是有台笔记本的,只不过有点旧,四年前买的二手MacBook,4G内存,i5的处理器。但可能是已经用了好几年了,速度异常的慢。 最近公司里的裁员风波让我意识到,公司的电脑私用有可能导致自己的东西丢失。被裁员的人都是当天就被要求交还电脑离开的。有点残酷,但这也是规章制度。 在家里还是不要太依赖公司的电脑。想...

Read more

Android dev note 1

Coding android application is always an enjoyable process for me. I find the following stuff intrigued me a lot. Self-contained activity and task stack As a mobile OS, android is very memory-cons...

Read more

2FA vs. device ID auth

This is a question I posted on stackoverflow. We are creating an android application which requires multiple ways to secure authentications. Current solution: username/passwor...

Read more

API is very important

I was reading coolshell.cn tonight. The author refers to the chapter of modularity in the book The Art of Unix Programming as the most charming chapter. Thus, I searched and read it. When I read th...

Read more

Styling in Android

Android Development team tries to make styling applications as easy as styling a web page. We can change the look and feel of every element within the application. For example, the background of te...

Read more

Understanding backbone 1

I started using backbone in my project to build a portal for admin users. It's my first attemp using backbone seriously, though I have played with it for quite a while. In backbone, the entry poin...

Read more

About Authentication

这篇文章记录一下我对验证浅薄的认识。 身份认证是网络应用真非常重要的一个部分。通常我们做认证的目的有两个 确认请求发送者身份 授权用户资源给第三方应用 这里主要说的是第一种。 最简单的情况是用户名和密码验证。客户端让用户输入用户名和密码,然后发给服务端进行验证。服务端在数据库里通过用户名找到被加密的密码。然后用相同方式加密收到的密码并跟数据库密码比较,如果相同就验证成功。验证成功后,服务...

Read more

2-legged vs. 3-legged OAuth

Published on January 10, 2011, by cakebaker From emails I receive it seems like there is a bit of confusion about what the terms 2-legged OAuth and 3-legged OAuth mean. I hope I can clear up this ...

Read more

1 2 3 4 5 6