Golang server background notofication process - mongodb

I apologize in advance for my bad english.
I've created simple training service in golang, which supports login and registration system with MongoDB. This service allows you to scrape rooms for rent in London in specified location if you loggedin. So, now I want to implement notifications for loggedin user's about new rooms in user's marked location. My first idea was to make some background process, which will scrape rooms every 30 seconds, save the results (in mongo, in cookies or somewhere else, advise me please), match new scrape results with previous and save differences (new rooms) in DB for future posting to user in some form (email or list on html page).
1) Is my idea about notifications generally correct? If not, please describe me better way to do this or point to some relating examples.
2) What is the best way to make that background process in go?
3) This would be great if you'd point me on some examples relating to the case.
The demo of service on Heroku
Github repo
I appreciate your concern.

Related

Firebase cloud functions chess game Swift

I am making a chess app which has a Firebase backend, i am using cloud firestore and cloud functions. basically i am using node 8 to avoid billing issues on cloud functions, i can call and trigger, but i can't wrap my head about how to make an action happen on another device instead of on my own.
After authenticating and logging in, the user gets into a lobby which is a tableViewController and there are shown only the users that are currently logged in.
What i want to achieve is by tapping on a certain row the user that got the tap on it gets an alert shown for him which states whether he accepts the challenge or he declines it. Based on that i proceed to the game or do something else.
The question is though how to make this alert trigger on the other user's device?
Also i've seen some posts that it can be done with snapshotListener on a document, but again i run into the problem of understanding how to trigger the alert on another device. If you've got some other good ideas please share!
Thank you for any feedback!
I think snapshot listeners are really the only way to go. You could use other Firebase services but those aren’t the right tools for the job. Consider creating a collection, maybe call it requests:
[requests]
<userId-userId> (recipientUserId-initiatorUserId)
initiator: string
recipient: string
date: date
Each user has a snapshot listener that listens to this collection where their own userId is equal to recipient. You can add a date field to sort the list by most recent, for example. When a user wants to challenge another user, all they need to do is create a document in this collection:
<userId-userId> (recipientUserId-initiatorUserId)
initiator: myUserId
recipient: theirUserId
date: now
And the recipient's client will instantly see this document.
You could include dressing data in this document, like the initiator's display name or a path to their avatar. But this data may be stale by the time it's rendered so the alternative is to fetch the dressing data from the database using the userId. You could also auto-gen the document ID but if you configure it (like this), it can make operations like deleting simpler. You could also configure the userIds to be alphanumerical so only one request can exist between two users; but if they requested each other at the same time, one would overwrite the other and you'd have to handle that potential edge case. There are lots of things to consider but this is the starting point.

Open REST API attached to a database- what stops a bad actor spamming my db?

I'm a client side developer with little experience of server side, and I'm struggling to understand how to make a database-backed website without requiring users to login.
The usecase is fairly straightforward. The user lands on a website, uploads an image, and performs some processing to that image. Clicking 'share' POSTs JSON to my endpoint, stores it in a DB, and returns a unique URL in a textbox (eg, https://example.com/art/12345) which allows the user to share their artwork with others, or just to come back and do more editing later on.
What stops somebody from doing, POST <data> https://example.com/art 100 million times and filling my pay-as-you-go database?
I've seen examples of this link based method of sharing between users on plenty of sites but I don't understand how to stop abuse, or whether it is safe to just open up an API which allows writes to a database. I do not want users to have to login.
I believe the simplest method is having a quota, either by username for logged in users or by IP, if you don't require logins or only want to allow free usage to a certain point. Perhaps you could have a smaller quota for non-logged in users than for logged in users and even larger for paying users.
Your server side code that handles the POSTS and storing data into the database would have to take care of that. I'd add it to a user_data table on mine, making an additional column that tracks total space used. makes a todo
Then, when the user adds new data, increase the total space used. When they delete old data (I have versioned web pages so that eventually, the user will be able to rollback to previous versions) then the space used decreases. Having another page to look at to see where they're using space makes deciding what to delete to stay under a quota of X MB's/GB's/TB's/etc easier or maybe just an /api/delete_old_pages or notes or comments or all of the above.

Restrict Users from Programmatically posting form data

I have a very old ASP.net Application with a Web Form with 1 Dropdown Box and 2 Text Boxes and a Submit Button.
All 3 are mandatory fields. Based on the data entered, once the user clicks Submit Button additional details are shown on the next page from the database.
On Submit data is posted via Query String that looks like
http://myserver/myapp/search.aspx?f1=1&f2=tom&f3=sales
Though the application is doing what is supposed to do, off late we came across lot of issues:
As couple of entities that are interested in our data wrote programs to programatically build the querystrings and hitting our server.
This is slowing down the server and regular users who manually search records are facing lot of slowness.
Due to come legal restrictions we couldn't implement CAPTCHA or have users get authenticated.
I would appreciate if you can let me know if any of you have come across this kinda situation and how you have dealt with it.
Thanks in advance.
You could implement source-based rate limiting. I.e. per IP address only allow so many requests per minute. If the requester makes too many requests you simply reject the requests. You could also blacklist the IP addresses that are hitting your app too aggressively. Both of these policies can be enforced by a load balancer like HAProxy or nginx.

rails beta request signup with social media sharing reward

I would like to build a simple beta request signup page where the user is rewarded with an earlier reward when he is sharing the link to the application as much as possible.
A solution like this is seeable on
trenvy.com
User enters email
User gets unique link with his unique code
User shares this link on every signup its a +1 count on him
An admin method throws out the users emails which have shared the link and brought the most people in. I want to use this email list to use in CampaignMonitor.
Anyone knows what could be a good way to achieve this? Or someone wrote such a thing or knows a git repo that has this feature implemented as is to take a look at and learn?
I have already coded a unique code generator for the app that makes unique codes of 10 chars.
Now only this social media sharing is a bit unclear to me on how to approach this in rails, any ideas on that? thx!
Something like this can be achieved pretty easily in any framework, so I think I'll provide a general answer first, and if any specific gems occur to me, I'll mention them:
1) The unique code part is easy, it's just a parameter in a controller that checks the validity of the code — this would be a unique code that's added to the user model for ease of verification and created when the user first enters his email address.
2) Every time the link is visited, it's parsed by the controller and saves an event (don't just increment a field if you want maximum data out of the interaction, you could save IP for country of origin, time of the page hit, etc), just count the click events for that user for his +1s
3) Just write a quick admin site (i used twitter bootstrap for this recently) that lets you see the user's who've interacted with the system and sort by shares, and you can use the createsend gem to add them to whatever list you like.
There are no specific gems I can think of that'll speed this process up, Devise is overkill, you don't really need an activity monitor gem since you're not storing much info, definitely twitter_bootstrap for speeding up building the admin interface. Heroku lets you add an Sendgrid as a plugin, so you're covered there for mail sending.
Am i missing anything in your requirements? Seriously though this should be a 2-4 day dev effort, nothing fancy here.

Using GA Data Export API to Get All UA's

I am using the GA Data Export API to interact with Google Analytics and I'm making a lot of progress, I am using this URL Endpoint initially to pull all the profiles under an account:
https://www.google.com/analytics/feeds/accounts/default
This URL retrieves each GA ID (profile) and each UA. One thing I've realized is one account can contain multiple UAs and when this happens, this request pulls all profiles. We have a client who has about 115 profiles under like 10 different UAs, and the request takes about 30 seconds for the initial request (and then I believe it must be cached, because it speeds up considerably after this, but then the next day the same thing occurs).
Is there a way to get a list of UA's without pulling the profiles? This way I can query the UA specifically for the profiles instead of pulling each one.
Any advice on this would be really helpful!
Thanks
UPDATE: Here's some documentation on the specific call I am using right now:
http://code.google.com/apis/analytics/docs/gdata/gdataReferenceAccountFeed.html
UPDATE 1: I have found some interesting information in the docs
Once your application has verified
that the user has Analytics access,
its next step is to find out which
Analytics accounts the user has access
to. Remember, users can have access to
many different accounts, and within
them, many different profiles. For
this reason, your application cannot
access any report information without
first requesting the list of accounts
available to the user. The resulting
accounts feed returns that list, but
most importantly, the list also
contains the account profiles that the
user can view.
So this means that you have to use the default accounts call to get these back? Surely, somebody has had this issue before?
So apparently, you can query the account if you know the UA-ID, however there is no way to get back a list of only UA IDs.
One way you can do it is have the user enter their own UA ID instead of having them choose one; not as user-friendly as it could be but better than making the user wait 30 seconds!