Prevent unwanted outages caused by malicious queries


GraphQL is one of those technologies that help you build more efficient APIs. Because a client can ask for exactly the fields it needs, under- and over-fetching should be problems of the past.

As a GraphQL API grows more complex and circular references between types are introduced, the API is exposed to a new danger: queries that can end in a denial of service.

The Problem

With GraphQL you define extensive object types that are used to query objects. Inside these object types, fields can reference other object types, including, directly or indirectly, the type that contains them.

When a query for…
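The usual defence against the nesting that circular references make possible is to reject a query by its depth before it is executed. The following is an added example, not code from the article or from any GraphQL library: a small depth limiter that parses a query document just far enough to follow selection sets and fragment spreads, so that nesting hidden inside a fragment is counted at the place it is spread. The schema it is checked against (a User type with a circular friends field), the sample queries and the limit value MAX_DEPTH are all constructed for this example; it assumes syntactically valid documents.

```javascript
// Added example, not code from the original article: a GraphQL query depth limiter that
// runs before execution. It parses only selection sets, fragments and balanced argument
// lists, assumes syntactically valid input, and uses a constructed schema (samples below).
const MAX_DEPTH = 5; // assumed policy value; tune per schema
const NAME_RE = /[_A-Za-z][_0-9A-Za-z]*/y;
function tokenize(doc) { // -> [{t:'name', v}, {t:'punct', v}, {t:'value'}]
  const tokens = [];
  for (let i = 0; i < doc.length;) {
    const c = doc[i];
    if (' \t\r\n,'.includes(c)) { i++; continue; }
    if (c === '#') { while (i < doc.length && doc[i] !== '\n') i++; continue; }
    if (doc.startsWith('...', i)) { tokens.push({ t: 'punct', v: '...' }); i += 3; continue; }
    if ('{}():@!$=[]|'.includes(c)) { tokens.push({ t: 'punct', v: c }); i++; continue; }
    if (c === '"') { // string literal, consumed whole so braces inside it never count as nesting
      let j = i + 1;
      while (j < doc.length && doc[j] !== '"') j += doc[j] === '\\' ? 2 : 1;
      if (j >= doc.length) throw new SyntaxError('unterminated string');
      tokens.push({ t: 'value' }); i = j + 1; continue;
    }
    NAME_RE.lastIndex = i; const m = NAME_RE.exec(doc);
    if (m) { tokens.push({ t: 'name', v: m[0] }); i += m[0].length; continue; }
    tokens.push({ t: 'value' }); i++; // numbers and anything else are opaque values
  }
  return tokens;
}
class Parser {
  constructor(tokens) { this.toks = tokens; this.pos = 0; }
  peek() { return this.toks[this.pos]; }
  next() { if (this.pos >= this.toks.length) throw new SyntaxError('unexpected end of document'); return this.toks[this.pos++]; }
  isPunct(v) { const t = this.peek(); return !!t && t.t === 'punct' && t.v === v; }
  expectPunct(v) { const t = this.next(); if (t.t !== 'punct' || t.v !== v) throw new SyntaxError(`expected "${v}"`); }
  expectName() { const t = this.next(); if (t.t !== 'name') throw new SyntaxError('expected a name'); return t.v; }
  skipBalanced(open, close) { // argument or variable list; its contents do not affect depth
    this.expectPunct(open);
    for (let d = 1; d > 0;) { const t = this.next(); if (t.t === 'punct') d += t.v === open ? 1 : t.v === close ? -1 : 0; }
  }
  skipDirectives() { while (this.isPunct('@')) { this.next(); this.expectName(); if (this.isPunct('(')) this.skipBalanced('(', ')'); } }
  parseSelectionSet() { // -> array of {kind:'field'|'inline'|'spread'} nodes
    this.expectPunct('{'); const sels = [];
    while (!this.isPunct('}')) {
      if (this.isPunct('...')) {
        const t = (this.next(), this.peek());
        if (t && t.t === 'name' && t.v !== 'on') { sels.push({ kind: 'spread', name: this.expectName() }); this.skipDirectives(); continue; }
        if (t && t.t === 'name') { this.next(); this.expectName(); } // inline fragment with "on Type"
        this.skipDirectives();
        sels.push({ kind: 'inline', sels: this.parseSelectionSet() }); continue;
      }
      let name = this.expectName();
      if (this.isPunct(':')) { this.next(); name = this.expectName(); } // alias: the real field name follows
      if (this.isPunct('(')) this.skipBalanced('(', ')');
      this.skipDirectives();
      sels.push({ kind: 'field', name, sels: this.isPunct('{') ? this.parseSelectionSet() : null });
    }
    this.expectPunct('}'); return sels;
  }
}
function parseDocument(doc) {
  const p = new Parser(tokenize(doc)), operations = [], fragments = new Map();
  while (p.peek()) {
    if (p.peek().t === 'name' && p.peek().v === 'fragment') { // fragment Name on Type { ... }
      p.next(); const name = p.expectName();
      if (p.expectName() !== 'on') throw new SyntaxError('expected "on"');
      p.expectName(); p.skipDirectives(); fragments.set(name, p.parseSelectionSet());
    } else { // operation: skip its header (name, variables, directives) up to the selection set
      while (!p.isPunct('{')) { if (p.isPunct('(')) p.skipBalanced('(', ')'); else p.next(); }
      operations.push(p.parseSelectionSet());
    }
  }
  if (!operations.length) throw new SyntaxError('document contains no operation'); // never fail open
  return { operations, fragments };
}

// Depth = nested field levels. Spreads are resolved at the spread site, so a fragment cannot hide nesting.
function selectionDepth(sels, fragments, visiting = new Set()) {
  let max = 0;
  for (const s of sels) {
    let d;
    if (s.kind === 'field') d = 1 + (s.sels ? selectionDepth(s.sels, fragments, visiting) : 0);
    else if (s.kind === 'inline') d = selectionDepth(s.sels, fragments, visiting);
    else { // spread: an unknown fragment or a cycle (invalid GraphQL anyway) is rejected, not tolerated
      if (visiting.has(s.name) || !fragments.has(s.name)) throw new Error(`unknown or cyclic fragment "${s.name}"`);
      visiting.add(s.name); d = selectionDepth(fragments.get(s.name), fragments, visiting); visiting.delete(s.name);
    }
    if (d > max) max = d;
  }
  return max;
}

function checkQueryDepth(doc, maxDepth = MAX_DEPTH) {
  const { operations, fragments } = parseDocument(doc);
  const depth = Math.max(...operations.map((op) => selectionDepth(op, fragments)));
  return { depth, allowed: depth <= maxDepth };
}

// Constructed samples against an assumed schema: type User { id: ID! name: String! friends: [User!]! }
const legitimateQuery = 'query Friends($id: ID!) { user(id: $id) { id name friends { id name } } }';
const abusiveQuery = 'query Deep { user(id: "1") ' + '{ friends '.repeat(20) + '{ id }' + ' }'.repeat(20) + ' }'; // User.friends is circular
const fragmentQuery = '{ user(id: "1") { ...Social } } fragment Social on User { friends { friends { friends { name } } } }';
```

With the samples above, checkQueryDepth reports depth 3 for the legitimate query, 22 for the abusive one (rejected) and 5 for the fragment query, which a naive brace count over the operation alone would have scored as 1. A depth limit only bounds nesting; breadth (aliases repeating an expensive field, large list arguments) needs a separate cost or complexity budget, and in production both belong in a validation rule that runs before any resolver is called.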


Why authentication deserves a centralized place in your architecture

When moving to microservices, you will find that securing them needs to be tackled differently than in a monolithic application.

While designing the solution, questions like "Where and how do I implement authentication and authorization?" and "How do I authorize users for specific actions?" can pop up. In this article, a solution to these questions will be introduced.

First, the difference between authentication and authorization will be explained. Secondly, OpenID Connect and OAuth2 will be introduced as solutions for centralized authentication and authorization in microservice architectures. …


Making your application more resilient with health checks

Over the past year, containerizing applications has become an extremely popular way to develop, ship and deploy applications quickly. With containerization tools like Docker, the desired container environment can be described declaratively.

With Kubernetes, containerized applications can be deployed, scaled when needed and managed further. Kubernetes has self-healing powers for containers, but it only works to its full potential when it is set up correctly.

In this article, we are going to implement health checks and corresponding probes so that Kubernetes is able to define whether a…
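The probes themselves are a few lines of Deployment manifest. The following is an added example, not the article's own configuration: a Deployment with a readiness probe (which only gates traffic) and a liveness probe (which restarts the container). The image name and the two health paths are assumptions.

```yaml
# Added example, not from the original article. Image name and paths are assumed.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: api
spec:
  replicas: 3
  selector:
    matchLabels:
      app: api
  template:
    metadata:
      labels:
        app: api
    spec:
      containers:
        - name: api
          image: registry.example.com/api:1.4.2   # assumed image
          ports:
            - containerPort: 8080
          # Readiness gates traffic: while it fails the pod is removed from the
          # Service endpoints but left running, so no restart.
          readinessProbe:
            httpGet:
              path: /health/ready   # assumed path; checks what this pod needs in order to serve
              port: 8080
            initialDelaySeconds: 5
            periodSeconds: 10
            timeoutSeconds: 2
            failureThreshold: 3
          # Liveness restarts the container: keep it cheap and local (no downstream
          # calls), or a slow database makes the kubelet restart every pod at once
          # and turns a dependency outage into a restart storm.
          livenessProbe:
            httpGet:
              path: /health/live   # assumed path
              port: 8080
            initialDelaySeconds: 15
            periodSeconds: 20
            timeoutSeconds: 2
            failureThreshold: 3
```

Keep the health endpoints unauthenticated, since the kubelet calls them without credentials, but make sure they return no more than a status code and a short body: version strings, connection strings or dependency hostnames in a health response are free reconnaissance for anyone who can reach the pod. A startupProbe is worth adding for applications that take long to boot, so the liveness probe does not kill them mid-startup.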


Making technologies like sessions and CSRF/authentication cookies fully horizontally scalable with Redis

In the tech world, new technologies come and go. With technologies like Docker Engine and Kubernetes, scaling out applications became easier than ever. Unfortunately, this doesn't mean that applications are horizontally scalable out of the box. In this article the problems will be explained and solved with the .NET landscape in mind.

In this post we will first define the difference between horizontal and vertical scaling, better known as scaling out and scaling up. We continue with the differences between a stateless and a stateful application, followed by solving the problems that arise for specific protocols and technologies when…


Let’s tackle your dreadful versioning process for your app!

When setting up new software projects or changing existing processes, determining the right versioning strategy has always proved to be a challenge. Choosing the right branching strategy, reaching consensus with team members and, last but not least, enforcing and automating the process were some of the hurdles that had to be taken.

Automating the strategy in particular was always difficult. A manual step inside the repository was always needed to determine what the next version would be. And that only covers the happy flow. How do you deal with bug fixes? Does a magic property need to be changed every time when…


When retrieving all of a service's connected pods is desired

A service connected to three pod instances

In a Kubernetes cluster, the Service resource is used as an abstraction that exposes your running pods as a (single) entry point in the cluster network. The Service acts as a service discovery mechanism and lets you communicate easily with upstream pods without needing to know the IP addresses of the individual pods.

However, in some situations you want to retrieve the IP addresses of all the pods behind a certain service. When your pods are stateful, like a deployed database, individual pods do need to communicate with…
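The Kubernetes-native way to get every pod IP behind a Service is a headless Service. The manifest below is an added example, not the article's own configuration; the service name, label and port are assumptions.

```yaml
# Added example, not from the original article. Name, label and port are assumed.
# Headless Service: no cluster IP is allocated, so the DNS name resolves to the
# IP of every ready pod matched by the selector instead of to one virtual IP.
apiVersion: v1
kind: Service
metadata:
  name: db
spec:
  clusterIP: None
  selector:
    app: db          # assumed label on the database pods
  ports:
    - name: postgres
      port: 5432
      targetPort: 5432
```

From inside the cluster, resolving db.<namespace>.svc.cluster.local then returns one A record per ready pod, and `kubectl get endpoints db` shows the same list from outside. When the pods come from a StatefulSet whose serviceName points at this Service, each pod additionally gets a stable name of the form db-0.db.<namespace>.svc.cluster.local, which is what database peers should address each other by. Note that only pods passing their readiness probe are listed; a cluster that must see its not-yet-ready peers during bootstrap needs `publishNotReadyAddresses: true` on the Service.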



I recently had a heated discussion with a colleague about how we should name the primary key ID columns in our relational database. In this discussion there were two options: naming it plain id, or naming it tablenameId. In this article I will explain why I would advocate for the latter.

Let's start by stating that this subject doesn't have a right or wrong choice. Choosing either of these doesn't make you non-compliant with any convention, nor a bad engineer.

The initial thought when seeing just an Id column would be that it's simple and not…

Mattias te Wierik

Software Engineer at Swapfiets
