E-commerce business is growing day by day as it saves time and cost for people traveling to meet or perform businesses in person. More people are conducting business online by creating accounts using email or phone verification. This has posed a challenge for everyone to identify the persons who we are claiming online. Online hackers have used false Identity to deceive or defraud someone else. Hence, Electronic Identity ( eID) provides a way for businesses to verify a person's identity online and reduce the chances of Identity Fraud.
\nElectronic identity is an electronic card or device with a unique identity number issued by either a government agency or some banks. A consumer needs to go to the government agency or some banks and show valid identity documents. After the document verification, an Electronic Identity is issued to the consumer. Examples of e-IDs are Danish NemID, Swedish BankID, and Dutch DigiD.
\nMost service providers such as financial institutions and insurance firms provide services online and are recognizing an opportunity in implementing eID due to strict Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements.
\neIDs are used to authenticate consumers online across multiple platforms and services. eIDs also allow the consumers to sign documents online, and the companies can trust the signature as the electronic identity is issued by the government or banks based on physical identity documents. This is fast, convenient, and secure for the consumers as they are saved from completing registration forms for multiple services. Hence, this increases the conversion for the businesses.
\nLoginRadius supports all the major industry federated SSO methods. Hence, you can integrate eID authentication with LoginRadius using some third application like Criipto, which supports the industry-standard SSO methods. Criipto allows the integration of an eID with the LoginRadius application using JWT SSO Login flow. Jason Web Token ( JWT) is a signed token that transfers the information from one service to another securely.
\nPlease see the following steps to register your LoginRadius app in your Criipto account.
\nAdd the following information:\n
Data Mapping:
\n\nIn C#, We have majorly two types of data types Value and Reference type. We can not assign a null value directly to the Value data type. In this case, C# 2.0 provides us the Nullable types to assign a value data type to null.
\nAs described above, The Nullable types used to assign the null value to the value data type. That means we can assign a null value directly to a variable of the value data type. We can declare null value using Nullable<T> where T is a type like an int, float, bool, etc.
Nullable types represent the Null value as well the actual range of that data type. Like the int data type can hold the value from -2147483648 to 2147483647 but a Nullable int can hold the value null and range from -2147483648 to 2147483647
There are two ways to declare Nullable types.
\nNullable<int> example;OR
\nint? Example;Nullable types have two properties.
\nHasValue: This property returns a bool value based on that if the Nullable variable has some value or not. If the variable has some value, then it will return true; otherwise, it will return false if it doesn’t have value or it’s null.
\nNullable<int> a = null;\nConsole.WriteLine(a.HasValue); // Print False\nNullable<int> b = 9;\nConsole.WriteLine(b.HasValue); // Print TrueValue: This property gives the value of the Nullable type variable. If the variable has some value, it will return the value; else, it will give the runtime InvalidOperationException exception when the variable value is null.
Nullable<int> a = null;\nConsole.WriteLine(a.Value); // Gives run time exception of type 'InvalidOperationException'Nullable<int> b = 9;\nConsole.WriteLine(b.Value); // Print 9GetValueOrDefault(): This method returns the actually assigned value of the Nullable type variable if the value is not null, and if the variable value is null, then it will give the default value of that data type. Here is the example code
\nNullable<int> a = 9;\nConsole.WriteLine(a.GetValueOrDefault()); // Returns 9Nullable<int> a = null;\nConsole.WriteLine(a.GetValueOrDefault()); // Returns 0To use the Nullable type as a local variable, it should be declared first; it will give a compile-time error. This rule is similar to the value data type.
\nint? b;\nConsole.WriteLine(b.Value); //Compile time error 'use of unassigned local variable b'If the Nullable variable is a property in a class and after that, if we are accessing that Nullable variable, then it will not give any error because, in the class variable, it is declared as null automatically.
class Test\n{\n public int? B;\n}\nclass Program\n{\n static void Main(string[] args)\n {\n Console.WriteLine(new Test().B); // No compile time error\n }\n}We can not assign the Nullable type variable value to the non-nullable type variable directly. As in the example below, if we try to assign the value, it will give the compile-time error.
\nint? a = 10;\nint b = a;//Compile time error `Cannot implicitly convert type 'int?' to 'int'. An explicit conversion exists (are you missing a cast?)`Note: We can use compare operators == and != operator with Nullable type variables and non Nullable type variables.
For the Nullable variable, we can use the null coalescing operator (??) to check if the variable value is null or not. Then we can assign the non-nullable type variable value according to that. This operator can be used when we are unsure that at run time if that Nullable variable's value is changed according to our logic or not. Here is an example of that
int? a=null;\nint b=a?? 10;\nConsole.WriteLine(b); // Prints 10In the above example, if the variable a value is null,, it will assign the value 10 to b variable. In that case, b is assigned with value 10, and the printed value will be 10.
\nIn this article, We have discussed the Nullable types, and it's properties and methods. The main advantage of using the Nullable types is that we can store the Null value in a column of a database using this type. If you want to learn more about C# here is an article written by me on How to Use Enum in C#
\n","frontmatter":{"date":"January 29, 2021","updated_date":null,"description":"Nullable is a term in C# that allows an extra value null to be owned by a form. We will learn in this article how to work with Nullable types in C#.","title":"How to Work with Nullable Types in C#","tags":["C#","Nullable"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/683771faa7dbd78039f0a89ea94ad469/14b42/coverimage.jpg","srcSet":"/static/683771faa7dbd78039f0a89ea94ad469/f836f/coverimage.jpg 200w,\n/static/683771faa7dbd78039f0a89ea94ad469/2244e/coverimage.jpg 400w,\n/static/683771faa7dbd78039f0a89ea94ad469/14b42/coverimage.jpg 800w,\n/static/683771faa7dbd78039f0a89ea94ad469/9842e/coverimage.jpg 900w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Hemant Manwani","github":"hemant404","avatar":null}}}},{"node":{"excerpt":"Many of us have to choose between Merge and Rebase as a Developer. Here I'll explain what merge and rebase are, why you should use them, and…","fields":{"slug":"/engineering/git-rebase-vs-git-merge/"},"html":"Many of us have to choose between Merge and Rebase as a Developer. Here I'll explain what merge and rebase are, why you should use them, and how to do so.
\nThe same function is fulfilled by Git Merge and Git Rebase. They are built to incorporate adjustments into one from different divisions. Although the end objective is the same, it is done in various ways by those two approaches, and it is useful to know the difference as you become a better developer of software.
\nGit Merge and Git Rebase are both used to combine the changes of branches but in a distinct way.
\nGit Merge - For developers using version control systems, merging is a prevalent method. Merging takes the contents of a source branch and combines them with a target branch, to be more precise. Only the target branch is updated in this process. The history of the source branch remains similar.
\nGit Rebase - Another way to integrate modifications from one branch to another is by Rebase. Rebase compresses all the modifications into a single patch. The patch is then inserted into the target branch.
\nCombine multiple branch histories together.
\n A---B---C feature\n /\nD---E---F---G master if we are merging feature and master branch, then it would be
\n A---B---C feature\n / \\\nD---E---F---G---H masterCommands for merging feature and master branch
\ngit checkout feature\ngit merge master
Note:
\nresolve conflicts\ngit add (changes)\ngit merge --continueReapply commits on top of the base branch
\n A---B---C feature\n /\nD---E---F---G masterif we are rebasing the feature branch onto the master branch, then it would be
\n\t A'--B'--C' feature\n\t /\n\tD---E---F---G masterCommands for merging feature and master branch
\ngit checkout feature\ngit rebase master
Note:
\nresolve conflicts\ngit add (changes)\ngit rebase --continueI hope some perspectives on Git merge and Git rebase have been provided by this description. The strategy of merge vs rebase is still debatable. But maybe this article will help to dispel your doubts and encourage you to take an approach that works for your team. Here are few articles posted by me that will help you in learning few more things in Git:
\n\nDo comment on the subjects that you would like me to write about in the coming weeks :)
\n","frontmatter":{"date":"January 27, 2021","updated_date":null,"description":"In this post, I will give you a walkthrough on merge and rebase, comparing Git rebase vs. Git merge to find out the similarities and differences.","title":"Git merge vs. Git Rebase: What's the difference?","tags":["GIT"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/84d7585291c78a887f774814c64479d6/ee604/merge.png","srcSet":"/static/84d7585291c78a887f774814c64479d6/69585/merge.png 200w,\n/static/84d7585291c78a887f774814c64479d6/497c6/merge.png 400w,\n/static/84d7585291c78a887f774814c64479d6/ee604/merge.png 800w,\n/static/84d7585291c78a887f774814c64479d6/f3583/merge.png 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Abhimanyu Singh Rathore","github":"abhir9","avatar":null}}}},{"node":{"excerpt":"An infrastructure layer that allows you to manage communication between the microservices of your application is a service mesh. As more…","fields":{"slug":"/engineering/istio-installation-and-service-configuration/"},"html":"An infrastructure layer that allows you to manage communication between the microservices of your application is a service mesh. As more developers work with microservices, by consolidating common management and administrative tasks in a distributed setup, service meshes have developed to make the job easier and more effective.
\nTo know more about Istio, you can read this article on Istio service mesh to understand the basic terminology, In this tutorial, will explain how to install and configure Istio. Let's get started.
\nGet the latest Istio release:
\ncurl -L https://istio.io/downloadIstio | sh -Extract the archive and export the bin directory in the environment path.
\nThis will also install istioctl, a command-line tool to manage Istio service mesh.
\nIstio provides various built-in configuration profiles, a set of pre-defined configs related to data and control plane. We can customize the configs according to our needs.
\nFor testing locally or trying it ou, you can use a demo profile. For dev and other environments, we will be using the default configuration profile.
\nistioctl install --set profile=demoRun:
\nistioctl profile dump defaultto see the various configurations. We can change those flag using istioctl commands and --set flag.
\nFor development purpose, we can enabled/changes following flags:
\nistioctl install --set addonComponents.kiali.enabled=true \\ \n--set components.telemetry.enabled=true \\ \n--set components.citadel.enabled=true \\ \n--set values.global.proxy.privileged=true \\ \n--set addonComponents.tracing.enabled=true \\ \n--set values.pilot.traceSampling=100.0 \\ \n--set values.global.proxy.tracer=datadogThe path value of --set flag is the YAML path, which you can see in the profile dump command.
\n\nWhile changing any config, make sure to pass all the previous flags with the new ones. For example, if first time, you enabled istioctl install --set addonComponents.kiali.enabled=true and now let’s say, you want to enable citadel, then you have to pass both flags like this: istioctl install --set addonComponents.kiali.enabled=true --set components.telemetry.enabled=true.\nFailing to add any previously enabled variable will revert the config to its default values.\nOne way to store the dump in a file and do istioctl apply or use helm charts for Istio.
\n
For Istio to work properly, a sidecar Envoy proxy needs to be enabled for the services. By default, the Istio control plane will not enable any sidecar to any services. To enable sidecar, we have to add labels at the namespace level.
\nkubectl label namespace dsl-test istio-injection=enabledYou need to have this label even if you do not want to add a sidecar to all your services.
\nYou need to restart the pods.
\nFor services, which do not require sidecar, we need to add the following annotation in the deployment template:
\n# Pod Annotations \npodAnnotations: \n\tsidecar.istio.io/inject: "false"For demonstration, we will take two demo services demo-1 and demo-2, and configure both services with Istio, and will try to call demo-2 service from demo-1. Make sure there is an env variable in demo-1, which we will configure with demo-2 internal DNS url. The programming language for the two services does not matter here.
\nA service configuration requires a VirtualService, DestinationRule, PeerAuthentication, and optionally a Gateway configuration.
\napiVersion: networking.istio.io/v1alpha3 \nkind: Gateway \nmetadata: \n\tname: demo-1\nspec: \n\tselector: \n\t\tistio: ingressgateway \n\tservers: \n\t- port: \n\t\tnumber: 80 \n\t\tname: http \n\t\tprotocol: HTTP \n\t- hosts: \n\t\t- "demo-1.example.com"Gateway is used when we want to access the services from the public network.
\nHere we are using the default gateway provided by the Istio. We can also create multiple gateways and assign the proper name here.
\nThe above gateway configuration enables both HTTP and HTTPS communication. In the case of HTTPS, we have to supply the secret containing the CA certs and key.
\nspec:\n\tservers: \n\t- port: \n\t\tnumber: 443\n\t\tname: http \n\t\tprotocol: HTTP\n\t tls: \n\t\tmode: SIMPLE \n\t\tcredentialName: div4-dev-certs\n\t hosts: \n\t\t- "demo-1.example.com"We can apply the same gateway for demo-2. We just have to update the hosts and metadata name. Since we will demo-2 internally from demo-1, there is no need for an external gateway for demo-2 here.
\n---\napiVersion: networking.istio.io/v1alpha3\nkind: VirtualService\nmetadata:\n name: demo-1\nspec:\n hosts:\n - "demo-1.test.svc.cluster.local"\n - "demo-1.example.com"\n gateways:\n - demo-1\n http:\n - route:\n - destination:\n host: demo-1.test.svc.cluster.local\n port:\n number: 80spec.hosts: Specifies the URL which the caller of the service will use. Here, dsl-es.pbdp.svc.cluster.local will be used by the services calling internally. The endpoint demo-1.example.com will be exposed publicly, and it should match the spec.servers.hosts value in Gateway config.
\nspec.gateways: In order for the gateways configured above to reach the service, we need to define the gateway metadata name here.
\nhttp.route.destination.host: This value should be the actual service FQDN.
\nAfter the virtualservice decides the destination hosts, DestinationRule defines the configuration on the actual service. DestinationRule is optional and is needed only in case we want to override the default behavior.
\n---\napiVersion: networking.istio.io/v1alpha3\nkind: DestinationRule\nmetadata:\n name: demo-1\nspec:\n host: "demo-1.test.svc.cluster.local"\n trafficPolicy:\n loadBalancer:\n simple: ROUND_ROBIN\n tls:\n mode: ISTIO_MUTUALspec.host: specifies service FQDN
\nspec.trafficPolicy: Specifies policy on the traffic. Here we can specify load balancing algorithms, TLS mode, circuit breaking policies.
\nspec.trafficPolicy.tls.mode: ISTIO_MUTUAL mode is a TLS mode where we will use the certificates generated by the Istio.
\nA configuration like circuit breakers, outlier detection comes under the Destination Rule.
\nThis configuration defines how the other services will connect.
\n---\napiVersion: security.istio.io/v1beta1\nkind: PeerAuthentication\nmetadata:\n name: demo-1\nspec:\n selector:\n matchLabels:\n app: demo-1\n mtls:\n mode: STRICTspec.selector.matchLabels.app: Specify the deployment label on which this configuration will be applied.
\nspec.mtls.mode: TLS mode. STRICT being the connection will always be mutual tls.
\nPeerAuthentication can be applied to a whole namespace. This is useful when all the services in the namespace are part of the mesh.
\n\n\nApply the same configuration for virutalservice, destination, and peerauthentication by replacing demo-1 with demo-2 assuming both services are in the same namespace.
\n
kubectl apply -f <file>.yaml -n testAccess the objects:
\nkubectl get virtualservices -n pbdp\nkubectl get gateways -n pbdp\nkubectl get destinationrule -n pbdp\nkubectl get peerauthentication -n pbdpNow update the env for demo-2 with demo-2.test.svc.cluster.local in demo-1 service.
In this article, we will address how to perform basic query operations in MongoDB. We are producing data at an unparalleled pace now following the global spread of the internet. Since it will require us to collect/request the required data from the database to conduct some kind of analysis, it is of utmost importance that we choose the right tool to query the data.
\nThis is where MongoDB comes in, specifically. MongoDB is an unstructured database which, in the form of documents, stores data. In addition, MongoDB is very effective in handling enormous amounts of data and is the most commonly used NoSQL database as it provides rich query language and versatile and easy data access.
\nBefore the start, we will create a sample DB with some sample data to perform all operations.
\nWe will create a database with name myDB and will create a collection with name orders. For this, the statement would be as follows.
\n> use myDB\n> db.createCollection("orders")\n>MongoDB doesn't use the rows and columns. It stores the data in a document format. A collection is a group of documents.
\nYou can check all collections in a database by using the following statement.
\n> use myDB\n>show collections\norders\nsystem.indexes\n>Let's insert some documents by using the following statement.
\n> db.orders.insert([\n\t{\n\t\tCustomer: "abc",\n\t\tAddress:{"City":"Jaipur","Country":"India"},\n\t\tPaymentMode":"Card",\n\t\tEmail:"abc@mail.in",\n\t\tOrderTotal: 1000.00,\n\t\tOrderItems:[\n\t\t\t{"ItemName":"notebook","Price":"150.00","Qty":10},\n\t\t\t{"ItemName":"paper","Price":"10.00","Qty":5},\n\t\t\t{"ItemName":"journal","Price":"200.00","Qty":2},\n\t\t\t{"ItemName":"postcard","Price":"10.00","Qty":500}\n\t\t]\t\t\n\t},\n\t{\n\t\tCustomer: "xyz",\n\t\tAddress:{"City":"Delhi","Country":"India"},\n\t\tPaymentMode":"Cash",\n\t\tOrderTotal: 800.00,\n\t\tOrderItems:[\n\t\t\t{"ItemName":"notebook","Price":"150.00","Qty":5},\n\t\t\t{"ItemName":"paper","Price":"10.00","Qty":5},\n\t\t\t{"ItemName":"postcard","Price":"10.00","Qty":500}\n\t\t]\t\t\n\t},\n\t{\n\t\tCustomer: "ron",\n\t\tAddress:{"City":"New York","Country":"USA"},\n\t\tPaymentMode":"Card",\n\t\tEmail:"ron@mail.com",\n\t\tOrderTotal: 800.00,\n\t\tOrderItems:[\n\t\t\t{"ItemName":"notebook","Price":"150.00","Qty":5},\n\t\t\t{"ItemName":"postcard","Price":"10.00","Qty":00}\n\t\t]\t\t\n\t}\n])A document is the equivalent of an RDBMS row. It doesn't need to have the same schema in each document. It means a document might not have any field that doesn't have any value.
\nYou need to use the find() method to query documents from MongoDB collections. The following statement will retrieve all documents from the collection.
\n> db.orders.find()\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607534c")\n\t\tCustomer: "abc",\n\t\tAddress:{"City":"Jaipur","Country":"India"},\n\t\tPaymentMode":"Card",\n\t\tEmail:"abc@mail.com",\n\t\tOrderTotal: 1000.00,\n\t\tOrderItems:[\n\t\t\t{"ItemName":"notebook","Price":"150.00","Qty":10},\n\t\t\t{"ItemName":"paper","Price":"10.00","Qty":5},\n\t\t\t{"ItemName":"journal","Price":"200.00","Qty":2},\n\t\t\t{"ItemName":"postcard","Price":"10.00","Qty":500}\n\t\t]\t\t\n\t},\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607544c"),\n\t\tCustomer: "xyz",\n\t\tAddress:{"City":"Delhi","Country":"India"},\n\t\tPaymentMode":"Cash",\n\t\tOrderTotal: 800.00,\n\t\tOrderItems:[\n\t\t\t{"ItemName":"notebook","Price":"150.00","Qty":5},\n\t\t\t{"ItemName":"paper","Price":"10.00","Qty":5},\n\t\t\t{"ItemName":"postcard","Price":"10.00","Qty":500}\n\t\t]\n\t},\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607644c"),\n\t\tCustomer: "ron",\n\t\tAddress:{"City":"New York","Country":"USA"},\n\t\tPaymentMode":"Card",\n\t\tEmail:"ron@mail.com",\n\t\tOrderTotal: 600.00,\n\t\tOrderItems:[\n\t\t\t{"ItemName":"notebook","Price":"150.00","Qty":5},\n\t\t\t{"ItemName":"postcard","Price":"10.00","Qty":00}\n\t\t]\n\t}\n>If you want to fetch only selected fields then you can use the projection. Following statement will fetch only Customer and Email field.
\n> db.orders.find( { }, { Customer: 1, Email: 1 })\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607534c")\n\t\tCustomer: "abc",\n\t\tEmail:"abc@mail.com"\n\t},\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607544c"),\n\t\tCustomer: "xyz"\t\t\n\t},\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607644c"),\n\t\tCustomer: "ron",\n\t\tEmail:"ron@mail.com"\t\t\n\t}\n>Now we will learn how we can fetch the documents that match a specified condition. MongoDB provides many comparison operators for this.
\nThe $eq operator checks the equality of the field value with the specified value. To fetch the order where PaymentMode is 'Card' you can use the following statement
\n>db.orders.find( { PaymentMode: { $eq: "Card" } } )This query can be written also like below
\n>db.orders.find( { PaymentMode: "Card" } )A similar SQL statement would be as follows
\nSELECT * FROM orders WHERE PaymentMode="Card"Example
\n>db.orders.find( { PaymentMode: "Card" }, { Customer: 1, PaymentMode: 1 } )\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607534c")\n\t\tCustomer: "abc",\n\t\tPaymentMode":"Card"\t\t\t\t\n\t},\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607644c"),\n\t\tCustomer: "ron",\n\t\tPaymentMode":"Card"\n\t}\n>$eq Operator with embedded document
\nYou may have noticed that we inserted an embedded document Address in the Orders collection. If you want to fetch the order where Country is 'India' you can use a dot notation like the following statement.
\n>db.Orders.find( { "Address.Country": { $eq: "India" } } )This query can be written also like below
\n>db.Orders.find( { "Address.Country":"India" } )Example
\n>db.Orders.find( { "Address.Country": { $eq: "India" } } , { Customer: 1, Address: 1 })\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607534c")\n\t\tCustomer: "abc",\n\t\tAddress:{"City":"Jaipur","Country":"India"}\n\t},\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607544c"),\n\t\tCustomer: "xyz",\n\t\tAddress:{"City":"Delhi","Country":"India"}\n\t}\n>$eq Operator with array
\n$eq operator will retrieve all the documents if the specified condition is true for any item in an array. We have an OrderItems array in the document. If you want to filter the documents where 'paper' were also ordered then the statement would be as follows.
\n>db.Orders.find( { "OrderItems.ItemName": { $eq: "paper" } } )This query can be written also like below
\n>db.Orders.find( { "OrderItems.ItemName": "paper" } )Example
\n>db.Orders.find( { "OrderItems.ItemName": { $eq: "paper" } } , { Customer: 1, OrderItems: 1 })\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607534c")\n\t\tCustomer: "abc",\n\t\tOrderItems:[\n\t\t\t{"ItemName":"notebook","Price":"150.00","Qty":10},\n\t\t\t{"ItemName":"paper","Price":"10.00","Qty":5},\n\t\t\t{"ItemName":"journal","Price":"200.00","Qty":2},\n\t\t\t{"ItemName":"postcard","Price":"10.00","Qty":500}\n\t\t]\t\t\n\t},\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607544c"),\n\t\tCustomer: "xyz",\n\t\tOrderItems:[\n\t\t\t{"ItemName":"notebook","Price":"150.00","Qty":5},\n\t\t\t{"ItemName":"paper","Price":"10.00","Qty":5},\n\t\t\t{"ItemName":"postcard","Price":"10.00","Qty":500}\n\t\t]\n\t}\n>You can use the $gt operator to retrieve the documents where a field’s value is greater than the specified value. The following statement will fetch the documents where OrderTotal is greater than 800.
\n>db.orders.find( { OrderTotal: { $gt: 800.00 } } )A similar SQL statement would be as follows
\nSELECT * FROM orders WHERE OrderTotal>800.00Example
\n>db.Orders.find( { "OrderTotal": { $gt: 800.00 } } , { Customer: 1, OrderTotal: 1 })\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607534c")\n\t\tCustomer: "abc",\n\t\tOrderTotal: 1000.00\n\t}\n>You can use the $gte operator to retrieve the documents where a field’s value is greater than or equal to the specified value. The following statement will fetch the documents where OrderTotal is greater than or equal to 800.
\n>db.orders.find( { OrderTotal: { $gte: 800.00 } } )A similar SQL statement would be as follows
\nSELECT * FROM orders WHERE OrderTotal>=800.00Example
\n>db.Orders.find( { "OrderTotal": { $gte: 800.00 } } , { Customer: 1, OrderTotal: 1 })\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607534c")\n\t\tCustomer: "abc",\n\t\tOrderTotal: 1000.00\n\t},\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607544c"),\n\t\tCustomer: "xyz",\n\t\tOrderTotal: 800.00\n\t}\n>You can use the $lt operator to retrieve the documents where a field’s value is less than the specified value. The following statement will fetch the documents where OrderTotal is less than 800.
\n>db.orders.find( { OrderTotal: { $lt: 800.00 } } )A similar SQL statement would be as follows
\nSELECT * FROM orders WHERE OrderTotal<800.00Example
\n>db.Orders.find( { "OrderTotal": { $lt: 800.00 } } , { Customer: 1, OrderTotal: 1 })\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607644c"),\n\t\tCustomer: "ron",\n\t\tOrderTotal: 600.00\n\t}\n>You can use the $lte operator to retrieve the documents where a field’s value is less than or equal to the specified value. Following statement will fetch the documents where OrderTotal is less than or equal to 800.
\n>db.orders.find( { OrderTotal: { $lte: 800.00 } } )A similar SQL statement would be as follows
\nSELECT * FROM orders WHERE OrderTotal<=800.00Example
\n>db.Orders.find( { "OrderTotal": { $lte: 800.00 } } , { Customer: 1, OrderTotal: 1 })\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607544c"),\n\t\tCustomer: "xyz",\n\t\tOrderTotal: 800.00\n\t},\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607644c"),\n\t\tCustomer: "ron",\n\t\tOrderTotal: 600.00\n\t}\n>You can use the $ne operator to retrieve the documents where a field’s value is not equal to the specified value.
\n>db.orders.find( { PaymentMode: { $ne: "Card" } } )A similar SQL statement would be as follows
\nSELECT * FROM orders WHERE PaymentMode != "Card"Example
\n>db.Orders.find( { "PaymentMode": { $ne: "Card" } } , { Customer: 1, PaymentMode: 1 })\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607544c"),\n\t\tCustomer: "xyz",\n\t\tPaymentMode":"Cash"\n\t}\n>You can use the $in operator to retrieve the documents where a field’s value is equal to any value in the specified array.
\n>db.orders.find( { OrderItems.ItemName: { $in: ["journal","paper"] } } )Example
\n>db.Orders.find( { OrderItems.ItemName: { $in: ["journal","paper"] } } , { Customer: 1, OrderItems: 1 })\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607534c")\n\t\tCustomer: "abc",\n\t\tOrderItems:[\n\t\t\t{"ItemName":"notebook","Price":"150.00","Qty":10},\n\t\t\t{"ItemName":"paper","Price":"10.00","Qty":5},\n\t\t\t{"ItemName":"journal","Price":"200.00","Qty":2},\n\t\t\t{"ItemName":"postcard","Price":"10.00","Qty":500}\n\t\t]\t\t\n\t},\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607544c"),\n\t\tCustomer: "xyz",\n\t\tOrderItems:[\n\t\t\t{"ItemName":"notebook","Price":"150.00","Qty":5},\n\t\t\t{"ItemName":"paper","Price":"10.00","Qty":5},\n\t\t\t{"ItemName":"postcard","Price":"10.00","Qty":500}\n\t\t]\n\t}\n>You can use the $nin operator to retrieve the documents where a field’s value is not equal to any value in the specified array. It will also select the documents where the field does not exist.
\n>db.orders.find( { OrderItems.ItemName: { $nin: ["journal","paper"] } } )Example
\n>db.Orders.find( { OrderItems.ItemName: { $nin: ["journal","paper"] } } , { Customer: 1, OrderItems: 1 })\n\t{\n\t\t"_id" : ObjectId("5dd4e2cc0821d3b44607644c"),\n\t\tCustomer: "ron",\n\t\tOrderItems:[\n\t\t\t{"ItemName":"notebook","Price":"150.00","Qty":5},\n\t\t\t{"ItemName":"postcard","Price":"10.00","Qty":00}\n\t\t]\n\t}\n>We know that indexing is very important if we are performing the queries on a large database. Without indexing execution of a query can be expensive. We can add a simple ascending index on a single field by using the following statement.
\n>db.Orders.createIndex({"Customer":1})MongoDB creates a unique index on ‘_id’ field by default. A unique index will prevent insertion of two documents with the same value for that field. If you want to create a unique index then the statement would be as follows.
\ndb.Orders.createIndex( { "OrderId": 1 }, { unique: true } )I hope you learned something new today, If you want to learn few more stuff on MongoDB, here is an interesting article on Self-Hosted MongoDB I also invite you to try stuff on your own and share your experience in the comment section. Furthermore, if you face any problems with any of the above definitions, please feel free to ask me in the comments below.
\n","frontmatter":{"date":"January 20, 2021","updated_date":null,"description":null,"title":"How to Perform Basic Query Operations in MongoDB","tags":["MongoDB"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/4baf4f017625700154de23531c7ef2a8/ee604/coverImage.png","srcSet":"/static/4baf4f017625700154de23531c7ef2a8/69585/coverImage.png 200w,\n/static/4baf4f017625700154de23531c7ef2a8/497c6/coverImage.png 400w,\n/static/4baf4f017625700154de23531c7ef2a8/ee604/coverImage.png 800w,\n/static/4baf4f017625700154de23531c7ef2a8/f3583/coverImage.png 1200w,\n/static/4baf4f017625700154de23531c7ef2a8/5707d/coverImage.png 1600w,\n/static/4baf4f017625700154de23531c7ef2a8/eeb1b/coverImage.png 1920w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Anil Gupta","github":"anilswm","avatar":null}}}},{"node":{"excerpt":"As we all know, JSON Web Tokens are a way of sending information between parties in a way where the sender's authenticity can be verified…","fields":{"slug":"/engineering/invalidating-jwt/"},"html":"As we all know, JSON Web Tokens are a way of sending information between parties in a way where the sender's authenticity can be verified. It is essentially a JSON object with a signature. Using this signature, services that issue these tokens can verify that they are the ones who issued this token and thus can trust the claims which are contained within.
\nThe trustworthiness of these tokens make them popular for use in authorization and authentication scenarios:
\nFor this post, we'll be focusing on the former use case. So having a token with trustworthy claims is great; we can take the token at its word, and trust all of the information that it has contained within as gospel. Our server is unburdened from having to potentially make database calls to verify the user's role, their permissions, their existence, or even if they're logged in. Once the server has generated the token, as far as it is concerned, no state has to be maintained regarding the validity of the token. It will expire once its expiration time included in its claim has passed.
\nBut before we go ahead and use this for all of our authorization needs, we have to remember that while JSON Web Tokens themselves are stateless, to have a robust, feasible, and controllable authorization workflow, we'll have to maintain some state one way or another.
\nYou can think of an authorization token as an elementary school hall pass. The teacher (resource server) knows that it is a legitimate hall pass because it is green, 6 cm x 12 cm and has a signature from another member of the faculty. Now imagine that you've issued a hall pass, but now you need to take it back (you've changed your mind, or the kid did something bad). Your options are:
\nOther than the 3rd option which may or may not be feasible depending on your use case (most likely not), we can see that it is not possible to reliably remove or revoke a token without maintaining state. The solutions that I've looked upon Stack Overflow for invalidating these tokens boil down to relying on some form of state, one way or another. Don't get me wrong however, this is not a bad thing in my opinion. Using JSON Web Tokens can and do allow us to minimize the state that we do have to maintain, with minimal added complexity.
\nSo let's look at some ways that we can couple state and JSON Web Tokens that allow us to invalidate these tokens effectively.
\nWe can maintain a database table containing all of the tokens issued by our server that we would like to accept as valid. This would be a 1:1 session store, with every transaction occurring requiring this table to be checked to prevent an invalidated token from being accepted. While we would not be able to reduce the amount of state being maintained on our server, JSON Web Tokens still provide us with the utility of its trusted claims (and the performance benefits of not needing to check those).
\nWe can maintain a database table containing all of the tokens issued by our server that we do NOT want to accept as valid. Every transaction that occurs will require this table to be checked, to prevent an invalidated token from being accepted. Each record would only have to be maintained until the token itself expires. I can't think of any use case where a table of invalidated tokens would regularly be larger than a table of active tokens, so I'd imagine that the table maintained would almost always be smaller than maintaining a table of active tokens.
\nThis solution still needs a database lookup, but interestingly requires no state. For this, we can use the hash of a piece of data to sign the token itself. For example, by using the hash of a user's password, when the user changes their password, subsequent transactions involving an old token will fail, as the signature will fail to be verified. The effectiveness of this, however, would depend on your requirements, as this would be limited to invalidating tokens based on changing data (such as changing roles, passwords, etc.). It would not allow you to invalidate a token whenever you want.
\nI think that JSON Web Tokens coupled with a token blacklist is a fantastic way to manage authorization in web applications. This allows you to leverage the benefits of these tokens in reducing the network calls needed to secure your application, reduce the amount of data you need to store to manage sessions, and do so in a reliable way without introducing too much complexity.
\n","frontmatter":{"date":"January 18, 2021","updated_date":null,"description":"A discussion on invalidating JSON Web Tokens.","title":"Invalidating JSON Web Tokens","tags":["JSON Web Tokens","JWT"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/79aa8bd08d0b463cb8261d80f51fa641/ee604/unsplash.png","srcSet":"/static/79aa8bd08d0b463cb8261d80f51fa641/69585/unsplash.png 200w,\n/static/79aa8bd08d0b463cb8261d80f51fa641/497c6/unsplash.png 400w,\n/static/79aa8bd08d0b463cb8261d80f51fa641/ee604/unsplash.png 800w,\n/static/79aa8bd08d0b463cb8261d80f51fa641/f3583/unsplash.png 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Nick Chim","github":"nickc95","avatar":null}}}}]},"markdownRemark":{"excerpt":"Google has prepared a roadmap to restrict third-party cookies in Chrome. Since 04 January 2024, Chrome has rolled out third-party cookie…","fields":{"slug":"/engineering/identity-impact-of-google-chrome-thirdparty-cookie-restrictions/"},"html":"Google has prepared a roadmap to restrict third-party cookies in Chrome. Since 04 January 2024, Chrome has rolled out third-party cookie restrictions for 1% of stable clients and 20% of Canary, Dev, and Beta clients.
\nWhat does it mean for user authentication?
\nOn one hand, Google believes third-party cookies are widely used for cross-site tracking, greatly affecting user privacy. Hence, Google wants to phase out (or restrict) supporting third-party cookies in Chrome by early Q2 2025 (subject to regulatory processes).
\nOn the other hand, Google introduced Privacy Sandbox to support the use cases (other than cross-site tracking and advertising) previously implemented using third-party cookies.
\nIn this article, we’ll discuss:
\nThird-party cookie restrictions affect user authentication in three ways, as follows.
\nIf your website or app uses an external Identity Provider (IdP) — like LoginRadius, the IdP sets a third-party cookie when the user authenticates on your app.
\nIf you have multiple apps across domains within your organization and authentication is handled using an IdP (internal or external) with web SSO, you already use third-party cookies to facilitate seamless access for each user using a single set of credentials.
\nIf you have implemented web SSO with one primary domain and multiple sub-domains of the primary domain, third-party cookie restrictions may not apply. For now, Google doesn’t consider the cookies set by sub-domains as third-party cookies, although this stance may change in the future.
\nFor example, you have apps at example.com, travel.example.com, stay.example.com, and web SSO is handled by auth.example.com. In this case, third-party cookie restrictions don’t apply.
Federated SSO is similar to, albeit different from, web SSO. It can handle multiple IdPs and applications—aka., Service Providers (SPs)—spanning multiple organizations. It can also implement authentication scenarios that are usually implemented through web SSO.
\nUsually, authentication is handled on a separate pop-up or page when the user wants to authenticate rather than on the application or website a user visits.
\nFor example, you already use federated SSO if you facilitate authentication for a set of apps through multiple social identity providers as well as traditional usernames and passwords.
\n\n\nNote: It is also possible to store tokens locally, not within cookies. In this case, third-party cookie restrictions won’t affect token-based authentication. However, the restrictions still affect authentication where tokens are stored within third-party cookies (a common and secure method).
\n
Google has been developing alternative features and capabilities for Chrome to replace third-party cookies as part of its Privacy Sandbox for Web initiative.
\nSpecific to authentication, Google recommends the following:
\nCHIPS are a restricted way of setting third-party cookies on a top-level site without making them accessible on other top-level sites. Thus, they limit cross-site tracking and enable specific cross-site functionalities, such as maps, chat, and payment embeds.
\nFor example, a user visits a.com with a map embed from map-example.com, which can set a partitioned cookie that is only accessible on a.com.
If the user visits b.com with a map embed from map-example.com, it cannot access the partitioned cookie set on a.com. It has to create a separate partitioned cookie specific to b.com, thus blocking cross-site tracking yet allowing limited cross-site functionality.
You should specifically opt for partitioned cookies (CHIPS), which are set with partitioned and secure cookie attributes.
\nIf you’re using an external identity provider for your application, CHIPS is a good option to supplant third-party cookie restrictions.
\nHowever, CHIPS may not be ideal if you have a web SSO or federated SSO implementation. It creates separate partitioned cookies for each application with a separate domain, which can increase complexity and create compatibility issues.
\nWith Storage Access API, you can access the local storage in a third-party context through iframes, similar to when users visit it as a top-level site in a first-party context. That is, it gives access to unpartitioned cookies and storage.
\nStorage Access API requires explicit user approval to grant access, similar to locations, camera, and microphone permissions. If the user denies access, unpartitioned cookies and storage won’t be accessible in a third-party context.
\nIt is most suitable when loading cross-site resources and interactions, such as:
\nVerifying user sessions when allowing interactions on an embedded social post or providing personalization for an embedded video.\nEmbedded documents requiring user verification status to be accessible.
\nAs it requires explicit user approval, it is advisable to use Storage Access API when you can’t implement an identity use case with the other options.
\nWith Related Website Sets, you can declare a primary website and associatedSites for limited purposes to grant third-party cookie access and local storage for a limited number of sites.
Chrome automatically recognizes related website sets declared, accepted, and maintained in this open-source GitHub repository: Related Website Sets
\nIt provides access through Storage Access API directly without prompting for user approval, but only after the user interacts with the relevant iframe.
\nIt is important to declare a limited number of domains in related website sets that are meaningful and used for specific purposes. Google may block or suspend any exploitative use of this feature.
\nThe top-level site can also request approval for specific cross-site resources and scripts to Storage Access API using resuestStorageAccessFor() API.
If you’re using an external identity provider for your web application, you can declare the domain of the identity provider in the related set to ensure limited third-party cookies and storage access to the identity provider, thus ensuring seamless user authentication.
\nRelated Website Sets can also work to supplement third-party cookie restrictions in web SSO and federated SSO if the number of web applications (or domains) is limited.
\nFedCM API enables federated SSO without third-party cookies.
\nWith FedCM API, a user follows these steps for authentication:
\nYou can access a user demo of FedCM here: FedCM.
\nFor more information about implementing federated SSO with FedCM API, go through the FedCM developer guide.
\nFirstly, we’re committed to solving our customers' user identity pain points — and preparing for the third-party cookies phase-out is no different.
\nWe’ll implement the most relevant and widely useful solutions to facilitate a smooth transition for our customers.
\nPlease subscribe to our blog for more information. We’ll update you on how we help with the third-party cookie phase-out.
\nThe proposed changes to phase out third-party cookies and suggested alternatives are evolving as Google has been actively collaborating and discussing changes with the border community.
\nMoreover, browsers like Firefox, Safari, and Edge may approach restricting third-party cookies differently than Google does.
\nFrom LoginRadius, we’ll keep you updated on what we’re doing as a leading Customer Identity and Access Management (CIAM) vendor to prepare for the third-party cookie phase-out.
\nTop-level site: It is the primary site a user has visited.
\nFirst-party cookie: A cookie set by the top-level site.
\nThird-party cookie: A cookie set by a domain other than the top-level site. For example, let’s assume that a user has visited a.com, which might use an embed from loginradius.com to facilitate authentication. If loginradius.com sets a cookie when the user visits a.com, it is called a third-party cookie as the user hasn’t directly visited loginradius.com.