Inject Detect Progress Report – East5th – Medium

Inject Detect Progress Report  #saas #react #security #javascript #elixir #reactjs

  • Based on the current state of the system, the processing of a command will either return a list of events representing the changes to the system, or an error.Keep in mind that events don’t actually modify the system in any way (write to a database, etc…).
  • They just return a list of events, side-effect free.Diving into the code, a command is just an Elixir struct.
  • For example, here’s a command to toggle “alerting” on an application in Inject Detect:defmodule do defstruct application_id: nilendThe struct holds all of the information we need to carry out the command.
  • In this case, we just need the application_id of the application in question.Each command implements a Command protocol, which means it defines a handle function.
  • Command.handle takes in the command struct being handled and a “context” map, which in our case holds the currently signed in user.Our handle implementation for the ToggleAlerting command looks like this:defimpl InjectDetect.Command, for: do alias alias alias InjectDetect.State.Application def toggle_alerting(application = %{user_id: user_id}, command, %{user_id: user_id}) do case application.alerting do true – {:ok, command.application_id}]} false – {:ok, command.application_id}]} end end def toggle_alerting(_, _, _) do {:error, %{code: :not_authorized, error: “Not authorized”, message: “Not authorized”}} end def handle(command, context) do | toggle_alerting(command, context) endendIf the current user has permission to toggle alerting on the specified application, we return either a TurnedOffAlerting event, or a TurnedOnAlerting event.Otherwise, we throw an authorization error.

It’s been almost two months since I announced I was working on a security focused SaaS application called Inject Detect. For those that haven’t been following along, Inject Detect is a service…
Continue reading “Inject Detect Progress Report – East5th – Medium”

Announcing Reactive Trader Cloud

  • Announcing Reactive Trader Cloud
  • Reactive Trader Cloud is a demo client-server FX trading application.
  • To launch Reactive Trader in our demo environment, click .
  • The backend is composed of a set of services which can be scaled, deployed and upgraded independently.
  • Instead of using HTTP, the client connects to the backend using Websockets and since we have a number of services, we decided to use a messaging gateway to act as a broker: this allows the client to establish a single connection to the backend and the broker is used to route messages to the correct service instance or to the correct client.

Read the full article, click here.


@AdaptiveLimited: “Reactive Trader Cloud released, #reactjs front-end, backend on #Kubernetes, all open source!”


In April 2014 we gave a talk at React Conf London on Reactive user interfaces and open-sourced Reactive Trader, a demo app we used to demonstrate the different concepts we highlighted in the talk. The talk was focused on UIs so we put most of our effort into the front-end and built a very simple monolithic backend to simulate the different flows and failure scenarios.


Announcing Reactive Trader Cloud