Where I get confused is storing the tokens securely. There's a lot of conflicting information online. I've come across many examples where they suggest localStorage which is a horrible idea.
A lot of the advice I see now is about http-only cookies but I think I'd probably look more into oAuth in the future.
I think this is a great resource but wish it had not chosen a hybrid architecture. All the guides on decoupled Django seem to choose hybrid. It makes sense because you get the CSRF / XSS safety benefits but I'd love to see how others tackle a fully decoupled Django stack e.g. oAuth, JWTs and how they do their CSRF / XSS security. It's an area I need to learn more about.
I recently just created my own custom new tab extension. Closed source because it's literally just for me. It does a few nieche things e.g. syncing a todo list that also appears on a e-ink display. I like it. I also like that it's something that's just for me.
Likely yes but not everyone knows how (thinking the non-tech people here) and plus I think it’s nice just to be able to grab a quick extension and be done with it.
The thing is though, as you said, it's my personal iPhone. If I want to be able to install an unsigned app I should be able to. There should be ways to dissuade the non-technical people but my feeling is it is my iPhone so I should be able to do as I wish.
I've had this conversation with quite a few people recently. As I say to them, once the genie is out of the bottle it's hard to put it back in again. People will simply go to companies who allow them to be remote or more flexible.
Vim for super quick changes (I’d like to increase my proficiency with vim but not really done much to do so).
Vscode for light text editing : coding which doesn’t require me to dig in to debug for a major length of time.
Jetbrains IDE for real work / tinkering were I may need to debug / leverage breakpoints / have good autocomplete.