Painless Authentication with Pyramid and BrowserID
There are a couple of really exciting projects underway at Mozilla right now.
The first is BrowserID, a distributed single-signon system from the Mozilla Identity Team. BrowserID sports a very slick sign-in process, simple integration with your existing software stack, and is designed from the ground up to provide strong user privacy guarantees.
The second is Project Sagrada, a platform for quickly building secure, scalable web applications from the folks I work with on the Mozilla Services Team. While initial development is being driven by Mozilla's internal projects and needs, the hope is that one day developers will be able to just write some simple service definitions then deploy their applications across Mozilla's infrastructure.
Of course, we're not there yet, but we're building up to it piece by piece. One piece I've been working on, and which is coming along quite nicely if I do say so myself, is authentication. We are building a secure, flexible and efficient authentication stack on top of some key Python web technologies such a Pyramid and repoze.who.
So without further ado, here's a glimpse of my first tiny piece of Project Sagrada: adding BrowserID support to a Pyramid app with just a few lines of configuration.
Dream Job: Day Zero
It's been two months since I posted Passionate Developer seeks Dream Job, and I've been overwhelmed by the positive response it has generated - lots of well wishes, kind words, advice, and several really interesting opportunities. Even better, I'm happy to announce that the story has a happy ending.
The short version: I started today with Mozilla, working as a contractor with the Services team. It's been quite a ride to get here, so read on if you're interested in the long-version debrief.
Passionate Developer seeks Dream Job
I need something new in my career.
Don't get me wrong. I love what I do and I've no intention of abandoning the tech scene to, say, start an emu farm. But the current combination of work, family and life in general is starting to wear us all down. It's time for a change.
And frankly, if you're going to make a change, you might as well make it the absolute best one you can. So for the duration of this post I'm going to try something rather difficult – I'm going to switch off my usual unassuming, undemanding nature and give myself permission to be greedy. What's my dream job? My serious, no-holds-barred, anything-is-possible dream job. Hopefully I don't come off sounding like an arrogant jerk.
Because I need to know: does it exist, and do I have what it takes to land it?
I've got a little bit of downtime at the moment, and I'm determined to spend it keeping my Python skills and projects up to date. First on the list: testing.
Almost all of my open-source projects come with automated tests of some kind. Some are woefully under-tested (m2wsgi, myppy) while others have collected a test case for just about every feature (pyenchant, esky). But they could all stand to benefit from a little more testing discipline.
If you have any of your own python projects, ask yourself: do they work on older versions of python? How about on 2.7? On 3.2? How about on Windows or OSX? Are you sure?
I want to be able to answer a confident yes to all these questions, so I'm embarking on a rather ambitious plan over the coming months: full test suites, with 100% code coverage, tested on Linux, Windows and OSX, across python 2.5, 2.6, 2.7 and 3.2.
New website live, thanks to GitHub and Hyde
Well that didn't take long. The first part of my migration from a VPS to managed services is complete. You might also notice that the website has had a facelift in the process.
While I've been trialling both dotcloud and ep.io for hosting some more complex python webapps, for this simple site I decided it's just not worth the overhead and expense. Instead I've gone with hosting static HTML on GitHub Pages, using a static site generator called Hyde to manage the blog. So far, so good.
Update: after some trialling back and forth, I've decided to host the static pages with fastmail instead of GitHub, since fastmail supports HTTP redirects and I plan on moving some content around over the coming weeks.
Do let me know if you find anything broken...
