Oil Pulling?!

I wanted to share this because oil pulling has worked like a miracle for me.
A couple of weeks ago I started getting this agonizing tooth pain when drinking hot or cold liquids and when chewing. I scheduled an emergency dental visit because at this point a pounding persistent tooth pain kept me up at night. The x-rays revealed a dental cavity underneath the crown. There was even a little hole between the crown and the tooth where my dentist was able to stick in a periodontal probe.

The situation was bad, the x-rays (see image) showed that the decay was advanced and was causing inflammation of the tooth pulp, the central portion of the tooth containing the sensitive nerve endings.

Because of the decay the remaining portion of the tooth was not big enough to attach another crown and the dentist’s recommendation was to have a tooth extraction and a tooth implant.

One day before my appointment I decided to cancel the visit at the oral surgeons because I found several articles on the web that described the possibility of reversing tooth decay and cavities. I wanted to give it a try.

Below is the regimen I’m following every morning and evening:

  1. Oil pulling for 10 min using organic coconut oil, then rinse mouth with water
  2. Floss teeth
  3. Use hydrogen peroxide for 30 sec (slowly swish in mouth)
  4. Brush teeth using a toothpaste that contains fluoride and baking soda (I’m using Tom’s Cavity Protection)

Also remove sugar from your diet as much as possible.

The results are amazing! After 3 weeks my tooth pain and sensitivity are gone and I can eat normally!
I’d highly recommend anyone to give it a try!
I’ll be following up with another blog post with updates in a few weeks.

Here’s some reading material on reversing dental decay and oil pulling:
https://www.youtube.com/watch?v=DtFzd3TBYiI&t=13s
https://draxe.com/naturally-reverse-cavities-heal-tooth-decay/

VIM gives you Super Powers!

Those who know me most likely know that I’m quite a VIM enthusiast.
I love the speed and flexibility of the editor and it’s ubiquitous availability on UNIX systems.

VIM has a steep learning curve but I guarantee you the effort pays off!
To learn the editor commands I used the game VIM Adventures which is a fun way to learn VIM.

You can view my .vimrc at GitHub.

Integrate a Node.js SPA with a PHP Web App

Quick definitions:
SPA = Single Page Application
Authentication = Who are you?
Authorization = What you are allowed to do?
CORS = Cross Origin Resource Sharing

I’ve been working on an interesting problem to seamlessly integrate an existing PHP web app with a newly built SPA running on Node.js.
There are many different approaches to solving this problem and this solution is more of a low level implementation, so a certain familiarity with HTTP headers and cookies is required.
This post also doesn’t describe scalability which I might talk about it in a future post.

This post describes:

  1. How to implement session sharing between PHP and Node.js
  2. How to authenticate and authorize the RESTFul API calls made from the browser
  3. How to secure the internal API calls made between the PHP and the Node server

1. How to implement session sharing between PHP and Node.js

Your user logs into the app, providing some credentials and a cookie or token of some sort is returned, which you use to identify that user.
Your AJAX requests to the API server will carry that same logged-in token (PHPSESSID) as before. Then we are checking that token against an internal API on the php server, and restricting the information down to ‘just what the user is allowed to see’.
The important consideration is that RESTful web services require authentication with every request.

The diagrams below shows the interactions between the servers:

2. How to authenticate and authorize the RESTFul API calls made from the browser

Same-origin-policy and CORS

Since the PHP and Node API server are running on different IP addresses the HTTPS requests made using the XMLHttpRequest object are subject to the same-origin policy. This means that HTTP requests could only be made to the domain the page was loaded from.

The CORS (Cross Origin Resource Sharing) mechanism provides a way for web servers running on different IPs or domains to support cross-site access.

Client side code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
$.ajaxPrefilter( function( options, originalOptions, jqXHR ) {
options.crossDomain ={
crossDomain: true
};
options.xhrFields = {
withCredentials: true
};
});

function getSessionId(){
var jsId = document.cookie.match(/PHPSESSID=[^;]+/);
if(jsId) {
if (jsId instanceof Array)
jsId = jsId[0].substring(10);
else
jsId = jsId.substring(10);
}
return jsId;
}

var id = 'myRequestedDataId';
// make ajax call
var pathAndQuery = "/api/myapi";
$.ajax({
url: 'https://' + API_HOST + pathAndQuery,
type: 'GET', // or POST
beforeSend: function(request) {
request.setRequestHeader("id", id);
request.setRequestHeader("PHPSESSID", getSessionId());
},
success: function(data) {
var json = JSON.parse(data);
if(json.status === "success") {
// do stuff
}
},
error: function(e) {
console.log(e);
// navigate to the login
window.location.href = '/index.php';
}
});

Node.js code for implementing cors headers:

1
2
3
4
5
6
7
8
9
10
11
12
13
var https = require('cors');
var corsOptions = {
methods: 'GET,HEAD,PUT,PATCH,POST,DELETE',
preflightContinue: true,
origin: 'https://your.phpserver.com' || process.env.WEBORIGIN,
credentials: true,
allowedHeaders: 'phpsessid,id'
};

var app = express();

app.use(cors(corsOptions)); // support cors requests
app.options('/api', cors(corsOptions)); // enable pre-flight requests

PHP code for verifying the session cookie:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
$sid = $_REQUEST["PHPSESSID"];
$id = $_REQUEST["id"];
// Set the session to the supplied session id.
session_id($sid);
session_start();
$cid = $_SESSION[APP]['client_id'];
if (empty($cid) {
// invalid session id
$error = "Failed to match session.";
}
// continue and validate id
// ...

// Output the json response:
if (empty($error)) {
$json = "{\"status\": \"success\"}";
} else {
$json = "{\"status\": \"error\"}";
}
echo $json;
?

3. How to secure the internal API calls made between the PHP and the Node server

Depending on how strong the security needs to be, there are several approaches securing the internal APIs, some of them are:
-Restricting the IP/PORT to only allow access from the internal servers.
-Using TSL in combination with basic authentication. If the security needs are not as high this is an easy way of implementing security.
-Token based security e.g. oAuth.
-Using Client-authenticated TSL Handshakes, below is a good article:
https://engineering.circle.com/https-authorized-certs-with-node-js-315e548354a2#.sakue1rg6

Vintage Synthesizers

I’ve been playing with the idea of making electronic music again. Back in the 80s I was fascinated by upcoming new bands like Kraftwerk, Depeche Mode, Yello and Front 242.
I loved the new sounds that were possible using analog and digital synthesizers. I started to make music myself with a little Casio K1 Sample keyboard. Later I bought a used Waldorf PRK Processor keyboard which I used with different midi expanders. The PRK keyboard quality was amazing, it had a 68000 CPU and 5 ½’’ floppy drive and was a monster at 84 pounds!
http://www.synthmuseum.com/ppg/ppgprk01.html

My neighbor was borrowing me his Dave Smith Instruments Mopho Keyboard for a couple of weeks:
https://www.davesmithinstruments.com/product/mopho-keyboard/
I loved the powerful crushing basses this thing can produce and the arpeggiator, sequencer, LFO and two oscillators allow for an immense range of sounds.

Other great options are the original Moog synthesizers or a Yamaha DX7, both are classics.

Below is a website that has an immense collection of vintage synthesizers including sounds samples:
http://www.vintagesynth.com/