TinyPNG

panda
TinyPNG was used to compress this image and subsequently decrease this page’s load time.

TinyPNG is easily the coolest tool I’ve come across recently. I was looking for an easy way to compress images used on LunchBunch’s website to improve load times, and TinyPNG couldn’t have made it any easier. I’ve compressed PNGs and JPGs (it works with both) with average compression results between 40% and 80% depending on the source and original size. The website is very easy to use too–just upload your images and download a zipped file containing the compressed versions (or optionally save directly to Dropbox). And it works just as well on PNGs with transparency.

Compression is awesome, but what about the quality? PNGs are lossless, meaning that an image won’t change when compressed, but the quality of JPGs deteriorates as the file size shrinks. You don’t have to worry about image quality with TinyJPG–see for yourself at the bottom of TinyJPG’s homepage. The compressed version is barely a quarter of the size of the original, but I can’t tell the difference between the two images!

So after learning all of this, I was hooked. I was excited to use TinyPNG for everything, but what if I want to tinify my images programmatically? Lo and behold, the developer API! With libraries for Ruby, PHP, Node.js, Python, and Java, it is very easy to incorporate TinyPNG into any project. For example, my first attempt in Python was just a few lines:

import tinify
tinify.key = "<your-developer-api-key>"

def tiny(input_filepath, output_filepath):
    source = tinify.from_file(input_filepath)
    source.to_file(output_filepath)

And it just worked!

It seems easy to preserve metadata, integrate with Amazon S3, and even crop/resize before compressing (though I haven’t explored these features yet).

Every once in a while you stumble across a tool that’s exactly what you were looking for. For me, TinyPNG was that and more. If you have a website or use pictures in any way, this is a must-have tool for your project. There’s also a WordPress plugin that is super simple and highly-recommended for your blog.

How do you use TinyPNG in your projects? Let us know in the comments below!

Happy coding!
Ryan from The Bunch

Happy First Birthday!

birthday_cake
One candle for one year; the 44 is for April 4th 😉

The Bunch turns one year old today! 366 days ago, Matt, Brandon, and I had our first video conference to discuss the idea of developing LunchBunch into a fully-realized mobile application. In November of 2015, we launched LunchBunch publicly, and over the past few months, we’ve been updating it and adding new features. It’s time to start growing, so be sure to tell all of your friends about LunchBunch!

I’ve had a ton of fun working on LunchBunch over the past year, and I’d like to thank Brandon and Matt for all of the work they’ve put into making LunchBunch awesome. Seeing the app progress over the past 12 months has been amazing, and their diligence is why LunchBunch has come as far as it has. I couldn’t be prouder of my team and all of the time they’ve devoted to this project.

I especially want to thank you, our blog readers, app users, and general supporters of LunchBunch! This project wouldn’t be possible without you, and we really do appreciate all of the feedback and encouragement you’ve provided along the way. Thanks for cheering us on this past year! With so many exciting changes in the pipeline, I can’t wait to see where LunchBunch ends up on its second birthday!

Sincerely,
Ryan from The Bunch

Timed Broadcast

hourglass

We’ve been hard at work to bring you new features to enhance the LunchBunch experience, and one of our recent updates modified the way that broadcasting works.

Before our public launch, a user suggested this feature to make it easier to broadcast accurate information. She said she wanted her broadcast to terminate automatically because she didn’t “want to lose [her] LunchBunch integrity.” We thought this was a great idea because it’s easy to forget to switch back to “not hungry” after you’ve eaten.

Timed broadcasts will keep you hungry for one hour before automatically expiring. (Soon you will be able to change this length.) A few minutes before it’s switched off, you will get a push notification asking if you are still hungry with the option to extend your broadcast. Ignoring the notification will terminate the broadcast at the end of the timed period.

Timed broadcasts make it easier for you to use LunchBunch because you don’t need to remember to set your status to “not hungry” after a meal. This also helps hungry buddies know that you are ready to eat (instead of wondering if you simply forgot to edit your broadcast after your last meal).

What do you think of this new feature? Are there any other features we could add to make broadcasting even easier? Let us know in the comments below!

Sincerely,
Ryan from The Bunch

Development and Production Environments

When you’re working on an app that’s live, it’s a good idea to have a development version running that is completely separate from the production version. This way, when things go wrong (and they will), your users are less likely to be affected. Here are three things to consider when separating your production and development environments.

Data

This should go without saying, but the dummy data used in testing shouldn’t be be available in production and vice versa. It shouldn’t even be stored in the same databases. Confining user data to production keeps it safer, and keeping test data out of production makes your live databases cleaner.

Hardware

Keeping separate hardware is wise depending on the type of application you’re running, how many users you have, etc. It’s likely that the required load on the production server will be much higher than the server your team uses for development, so the hardware needs won’t be the same. By separating the hardware, you’re able to scale up and down independently and with minimal impact, and it also helps to reduce the impact of each environment on the other.

Security

Dev servers can have have different authorization permissions to make sure that the right people have access to your application until it’s secure and ready for public use. Security updates and other patches for your OS, libraries, etc. can be issued on your development server without affecting production. That way you can handle upgrade issues on dev and be more prepared when you need to update production.

Two environments is the minimum you should consider configuring for any application. Depending on the size of your team and the nature of the application you’re working on, it’s usually a good idea to have a staging environment which is treated as the most-recent stable development build which is next in line to be pushed into production. It’s also a good idea to have local environments for each developer to work individually without affecting the rest of the team. So the workflow looks like this:

  1. Developers work on their branches locally.
  2. When the local build is ready, it is pushed to dev for the rest of the team to use.
  3. When the dev build is stable, it is pushed to staging.
  4. Once approved by quality assurance and beta testers, the staged build is pushed to production.

This is a very high-level overview of multiple environments, and each project has different needs, so this is in no way a comprehensive writeup about how your pipeline should operate. However, if you’re getting started on a project, I hope this article has given you some ideas to consider.

What do your environments look like? Anything you would add to this post? Let me know in the comments below!

Happy coding!
Ryan from The Bunch

Use Case: Not on a Campus or in an Office?

coffee_shop

I’ve talked about how useful LunchBunch is in college and in the office, but what about the rest of us?

I organized many meals on campus while attending the University of Delaware and also in work settings during various internships over the past few years. But since graduating in May 2014, I’ve been working on LunchBunch from home which means a lot of meals by myself. So how is LunchBunch useful for those of us who aren’t on a college campus or working in an office? Here are a few of the ways I use LunchBunch that might help you, too.

Trivia

A pizza place in Pittsburgh hosts a trivia night every Tuesday, and one of my friends was the trivia host there for a while. A bunch of us would go most weeks to eat pizza and compete in the trivia, and LunchBunch was a great way to see who was going on a particular night. The time and location were already decided, and seeing everyone’s RSVP helped us to decide if we should go or wait until the next week when more friends could make it. Trivia is a specific use case, but LunchBunch is helpful for planning similar weekly events.

Last-Minute Plans

You just returned home after running errands, and you have some free time. There’s a new restaurant you’ve been wanting to try out, so you hop on LunchBunch to see who wants to join you. You know it’s last-minute, and it’s too much work to message people individually. With LunchBunch, you see who is hungry and available, and in no time, you’re eating at a new place with a friend or two!

Scheduling Plans

Besides giving you the ability to see who’s available right now, LunchBunch can help you to schedule meals in advance. If you schedule lunch or dinner with a group, it’s easy to track who’s going and update the time or location if plans change. Additionally, when you’re getting ready to head out, you can check for hungry buddies who weren’t included in the original invitation so they don’t feel left out.

What are the unique ways that you use LunchBunch? Do you have suggestions for how we could make LunchBunch even better for you? Please let us know in the comments below!

Sincerely,
Ryan from The Bunch

Logout Security

After building a login system, there are still a few considerations to take into account. Authorizing each endpoint is a good way to make sure that only logged-in users have access to the web app. Securing logout is also imperative, especially on shared computers.

When a user clicks the logout button, it’s common to redirect them to a publicly-accessible page. However, what happens when he or she (or the next person to use the computer) clicks the browser’s back button? Chances are that the browser has a locally-cached version of content that should no longer be available now that the user has logged out. Fixing this is pretty simple–just add the following headers to the response for each page with authorized data:

response.headers["Cache-Control"] = "no-cache, no-store, must-revalidate"
response.headers["Pragma"] = "no-cache"
response.headers["Expires"] = 0

These headers (for HTTP 1.1, HTTP 1.0, and proxies, respectively) tell the browser (and any proxy) not to cache this response. And that’s it! Now if a user logs out then navigates through the browser history, any authorized page (i.e. any page that was sent with the headers above) will not be displayed. (Ideally, navigation to those pages when logged out would trigger a redirect to the login page.) And for most web applications, there shouldn’t be a noticeable performance hit–if there is, the time-loading tradeoff should be well worth the security benefit.

Have any other security tips for logging in or out of a web application? Let me know in the comments below!

Happy coding!
Ryan from The Bunch

Use Case: LunchBunch at the Office

buildings

LunchBunch can be just as useful in the office as it is on a university campus. When it comes to meals, there are a lot of similarities between users in these demographics–both tend to have schedules that change day-to-day, it’s hard to keep track of friends’ availability, and it’s often difficult to organize meals.

Group Emails

Group emails are great for getting information out to many coworkers, but they get disorganized very quickly. Some people might reply to the sender only, others click “reply all”, and they’re hard to search through. It’s difficult to keep track of RSVPs and make sure everyone has the most-recent information when using email to organize a meal. And if you join an email chain late, it takes too long to get caught up. With LunchBunch, everyone is on the same page (pun intended) with easy access to the time, location, and RSVPs for lunch. Sending messages to everyone is easy, and it’s much easier to search through than an email chain. And adding someone to the invitation is a breeze. With just a few taps, any of your Buddies can view the invitation.

Know when Coworkers are Busy

Sometimes it’s tough to know when coworkers are busy and shouldn’t be interrupted. When you’re ready to eat, you don’t need to interrupt anyone’s work to see who’s available. Instead, simply start broadcasting on LunchBunch, and when everyone is at a good stopping point and ready for a lunch break, you can create an invitation. Alternatively, you don’t even need to wait until everyone is hungry–you can create the invitation and add Buddies whenever you’re ready (even if they’re not broadcasting yet).

New People

If your office/building/block is large enough, lunch can be a great way to network with people you otherwise might not meet. You can connect with these people on LunchBunch and organize them into Bunches. You can even schedule times in advance to plan your networking meals at the beginning of each week.

New Places

Whether you’re eating with the same coworkers or networking with new people each day, it’s nice to switch up the location. We’re currently working on a few new features for LunchBunch that will help you find new places nearby, so stay tuned for future updates!

So next time you’re hungry at work and don’t know who’s available, check LunchBunch!

How do you use LunchBunch at work? Do you have suggestions for how we could make LunchBunch even better for your office? Please let us know in the comments below!

Sincerely,
Ryan from The Bunch

Authorization Decorators

Last time I wrote about decorators, I explained their usefulness in rate limiting API endpoints. Today, I’m demonstrating another common use: authorization.

If you store the usernames of logged-in users in the session, your endpoint and decorator might look something like this:

@app.route("/get_secret", methods=["GET"])
@login_required
def secret_info():
    return "The truth is...I am Iron Man."

def login_required(func):
    def login_wrapper(*args, **kwargs):
        if not flask.session.get("username"):
            return "Unauthorized", 401
        return func(*args, **kwargs)
    return login_wrapper

That’s it! Just add @login_required to any endpoint at which you want to restrict access. It’s likely that you’ll want to do something more complex–maybe different users have different roles, or there are other attributes to check–but the concepts will be the same. There are good libraries for integrating HTTP Basic Authentication into your API which is another useful authentication method.

What authentication decorators do you use in your applications? Let me know in the comments below!

Happy coding!
Ryan from The Bunch

Use Case: College Students

university

YOICO–You’re Only In College Once. I did my best to popularize this phrase at The University of Delaware when YOLO was a big deal. YOICO was a great excuse to get a pizza and watch a movie at 3am instead of studying, and the only downside (obviously there aren’t others…) is that I can’t use it anymore now that I’ve graduated.

College is fun, and having the freedom to manage your own time is great. However, sometimes flexible schedules can make it difficult to meet up with people–especially for meals. If I had LunchBunch in college, I would have used it every day.

Eating Alone

Sometimes you only have 5 minutes to eat before class starts or you just want to eat alone, but usually eating with people is more fun. Schedules change every day, but LunchBunch makes it easy to find hungry friends. Instead of texting all of your friends to see who is available, you can check LunchBunch for the friends who–just like you–are ready to eat.

Regular Groups

LunchBunch is great for finding people right now, but it is also useful for regular meals. Let’s say you and your roommates always get lunch together on Tuesdays. You can create a Roommate bunch in the app, and when you’re ready to eat, you can invite all of them at the same time.

Availability

With LunchBunch, you don’t have to worry about messaging people who aren’t available. Sometimes it’s hard to text people before a meal because they might not respond immediately, they may have already eaten, or they’re otherwise not available. When I don’t get an immediate response to a text message, I wonder how long I should wait before asking someone else or going alone. But with LunchBunch, I can see which friends want to eat now, and it’s super easy for me to suggest a place.

So next time you’re hungry, whether you’re getting out of class, you need a study break, or you simply want to see if anyone is available, check LunchBunch!

How do you use LunchBunch in college? Do you have suggestions for how we could make LunchBunch even better for your campus? Please let us know in the comments below!

And remember, you may only be in college once, but YCALB (You Can Always LunchBunch)!

Sincerely,
Ryan from The Bunch