{"componentChunkName":"component---src-templates-blog-list-template-js","path":"/engineering/23","result":{"data":{"allMarkdownRemark":{"edges":[{"node":{"excerpt":"Kubernetes is a standard container orchestration open-source platform, that is, for managing applications constructed from several, often…","fields":{"slug":"/engineering/understanding-kubernetes/"},"html":"

Kubernetes is a standard container orchestration open-source platform, that is, for managing applications constructed from several, often self-contained runtimes called containers.

\n

Since the Docker containerization project launched in 2013, containers have become increasingly common, but massive distributed containerized apps can become increasingly difficult to coordinate.

\n

Kubernetes became a central part of the container revolution by making containerized systems significantly more straightforward to handle at scale.

\n

This blog targets the way modern applications are deployed and consumed. It introduces the importance of Kubernetes, a container Orchestration tool on a basic level, and how it is making Developers more convenient.

\n

What is Kubernetes

\n

Kubernetes (also known as k8s) is a container orchestration tool widely used to deploy and update the application without any downtime. It enables auto-scaling of resources in case of an increase/decrease in requests to the server.\nAlso, it provides intelligent management, allocation of resources, and services, which saves a lot of money for us.

\n

Benefits of Kubernetes

\n

By using Kubernetes, developers can build cloud-native applications with Kubernetes as a runtime framework. Patterns are the tools a developer of Kubernetes requires to construct applications and services based on containers.

\n

Here are a few benefits of Kubernetes:

\n\n

Kubernetes vs. Docker

\n

Often mistaken as a choice between one or the other, Kubernetes and Docker for running containerized applications are different but complementary technologies.

\n

Docker lets you put everything you need into a box that can be stored and opened when and where it is required to run your application. It would help if you had a way to handle them once you start boxing up your applications, and that's what Kubernetes does.

\n
    \n
  1. With or without the Docker, Kubernetes can be used.
    2. \n
  2. The distinction between Docker and Kubernetes refers to the role each plays in your applications' containerization and execution.
    3. \n
  3. Docker is an open industry standard to package and distribute container applications.
    4. \n
  4. To deploy, manage, and scale containerized software, Kubernetes uses Docker.
    5. \n
\n

Why do you need Kubernetes?

\n

Kubernetes will assist you in deploying and managing containerized, legacy, and cloud-native applications, as well as microservice, refactors.

\n

To meet evolving business demands, the development team needs to build new products and services rapidly. The cloud-native architecture starts with container microservices, allowing faster development and making it easier to transform and optimize existing software.

\n\n

That is where Kubernetes comes into the picture. It handles all the above requirements effectively and reduces a lot of burden from the developer's shoulders.

\n

\"Kubernetes

\n

Technical Aspect

\n

Kubernetes was designed as a highly available cluster of computers connected to work as a single unit. This abstraction level allows us to deploy the application without thinking much about the machines on which the application would run. Kubernetes' role is to automate the distribution of application containers on computer clusters efficiently.

\n

A typical computer cluster in Kubernetes consists of:

\n\n
\n

The Master is responsible for managing the cluster. The master nodes will coordinate all the activities in your cluster, such as scheduling applications, maintaining their desired state, scaling applications, and rolling new updates. Whereas a Node is a VM or a physical computer that is used as a worker machine in a Kubernetes cluster to actually, run the application

\n
\n

\"Kubernetes

\n

A master node contains processes that continuously watch the deployment for any CPU or Memory requirement and smartly allocated it in the form of new pods to auto-scale the application, which handles the vast amount of requests coming to the server.

\n

Most of the current cloud services like Amazon Web Service(AWS), Microsoft Azure, and Google Cloud come with automatic support for Kubernetes to provide ease in deploying and maintaining application containers.

\n

A Kubernetes cluster can be deployed on either virtual or physical machines. A software named Minikube can be installed on your local machine that creates a VM on your local machine and deploys a simple cluster containing only one node.\nMinikube provides a CLI through which we can execute commands & simulate a small-scale Kubernetes cluster.

\n

\"Kubernetes

\n

Some of the basic Kubernetes CLI commands are:

\n\n

Conclusion

\n

There are many benefits of learning Kubernetes as it releases a lot of deployment stress from the developer's shoulders. It helps in auto-scaling, intelligent utilization of available resources, and enables low downtime for maintenance.

\n

Without k8s, a lot of human effort and money is gone into these things, but with the help of k8s, everything can be automated.

\n

Since K8s is a vast technology, it is impossible to wrap all things in just one blog. To simplify things, I will be publishing more blogs soon related to k8s Deployments, ReplicaSets, Services, Ingress Controller, Master and Worker Processes, Kubectl, etc. Stay connected and keep learning.

\n","frontmatter":{"date":"October 26, 2020","updated_date":null,"description":"Learn about the Kubernetes. A container Orchestration tool on a basic level, and how it is making the job of Developers simpler.","title":"What is Kubernetes? - A Basic Guide","tags":["Kubernetes","Deployment","Distributed Systems"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/17636a7b563db424ef3300fe9aed0477/58556/image3.webp","srcSet":"/static/17636a7b563db424ef3300fe9aed0477/61e93/image3.webp 200w,\n/static/17636a7b563db424ef3300fe9aed0477/1f5c5/image3.webp 400w,\n/static/17636a7b563db424ef3300fe9aed0477/58556/image3.webp 800w,\n/static/17636a7b563db424ef3300fe9aed0477/99238/image3.webp 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Prabhat Kumar","github":"prabhatkgupta","avatar":null}}}},{"node":{"excerpt":"Robotic process automation(RPA) process to get the repetitive tasks done through bots and reduce manual efforts. In definitive words, we can…","fields":{"slug":"/engineering/importance-of-rpa/"},"html":"

Robotic process automation(RPA) process to get the repetitive tasks done through bots and reduce manual efforts.

\n

In definitive words, we can say ** \"Impersonating human activities in a sequential fashion to achieve a designated result without any manual intervention is known as Robotic Process Automation.\"**

\n

Why is RPA becoming an essential part of every business?

\n

There are many benefits of robotic process automation, depending on the industries. I have listed a few common benefits across all the business domains and industries.

\n

A Desideratum

\n

Any business's success depends on how deep they understand the customers, or rather, I should say targeted customers. And this is one of the fundamental challenges for companies.

\n

Intelligent automation through RPA can be implemented to understand user behavior, helping companies in decision making for their targeted customers and growth.

\n

Cost Effective

\n

RPA is the most sought after solution in this technology-driven era to reduce the investment being done on manual tasks and get the best of the employees by allowing them to innovate rather than doing monotonous work. Multiple studies say that rolling out RPA, and thoughtful implementation can save approx 30-35% of companies' costs being spent on non-productive and repetitive tasks.

\n

Undefeatable Accuracy

\n

A report by ICO (Information Commissioner's office) says that 90% of a data breach between 2017 and 2018 happened due to human error. Human minds have certain limitations. We can't always be attentive 100%. And the moment we lose attention, we become vulnerable to make mistakes.\nBut Robots, once defined/built, can have unlimited attention and can work endlessly without any distractions. And that gives the ability to make no mistakes.

\n

Raising the Bar On Productivity

\n

Humans have their limitations, capacity to work. But robots, on the other hand, have no measure of capacity. If developed smartly, they can work for every millisecond. And this gives unlimited possibilities for any company to run their businesses without worrying about productivity.

\n

Use cases in different industries/domains

\n

RPA in Business Process Outsourcing

\n

Business process outsourcing(BPO) always strives for heftiness in productivity with minimal cost. With the efficient use of RPA, the BPO's can eventually reduce a lot of operating expenses and make more effective utilization of their workforce. As robots can work 24/7, productivity can be increased tremendously. Apart from repetitive work automation, the industry also has a lot of back-office work, which is purely rule-based, and the same can be achieved with better security and audits. Report generation, data analysis are the other tasks that can also be done through RPA. Some more examples can be

\n\n

RPA in Banking

\n

Most innovations, along with technological advancement, have been seen in the banking sector. As per the reports, the BFSI domain holds the largest share in the year 2019 to apply RPA.

\n

RPA has a surfeit of applications in banking covering from customer service to compliance nearly everything. The following are a few examples.

\n\n

RPA in Medical Industry

\n

The medical industry across the globe has always been a sector that is continuously striving for improvement. Providing the best health care services for a broad range of population is a real challenge in both operational and organizational. There are numerous use-cases in the medical industry where patients and hospitals can leverage the benefits.\nSuch as :

\n\n

RPA in Insurance

\n

Insurance is an industry which deals with vast amounts of data and processes. With the help, RPA insurance providers are now capable of merging front-end and back-end operations resulting in reducing cost and manual intervention.\nLeslie Willcocks professor at LSE, said that * \"In an insurer we studied, there was a particular process where it used to take two days to handle 500 premium advice notes. It now takes 30 minutes\"*\nThis much processing was made by implementing RPA. Apart from the front-end or back-end automation, there can be many other use-cases, for example

\n\n

Conclusion

\n

There are many more benefits of robotic process automation, depending on the industries.\nA survey by Deloitte says that RPA continues to meet and exceed expectations across multiple dimensions, including :\n92% on Improved Compliance\n90% Improved quality and accuracy\n86% improvement in productivity and\n59% cost reduction.

\n

They say that with the current pace, RPA will have achieved near-universal adoption within the next five years.

\n","frontmatter":{"date":"October 23, 2020","updated_date":null,"description":"It's very important for every business to evolve with technologies, understand their customers needs and and market senitment to sustain and grow.This article will give you some insights that how RPA can help in that with different industries/domain.","title":"Why RPA is important for businesses","tags":["Engineering","RPA","Automation"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/bf3c8e9f6887242b7e9e77c12054a934/58556/RPA.webp","srcSet":"/static/bf3c8e9f6887242b7e9e77c12054a934/61e93/RPA.webp 200w,\n/static/bf3c8e9f6887242b7e9e77c12054a934/1f5c5/RPA.webp 400w,\n/static/bf3c8e9f6887242b7e9e77c12054a934/58556/RPA.webp 800w,\n/static/bf3c8e9f6887242b7e9e77c12054a934/565e9/RPA.webp 1050w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Vikram Jain","github":null,"avatar":null}}}},{"node":{"excerpt":"Ever since you enter the sphere of ethical Hacking, you usually need to get your hand on most of the Hacking Tools. The more tools you…","fields":{"slug":"/engineering/best-hacking-tools/"},"html":"

Ever since you enter the sphere of ethical Hacking, you usually need to get your hand on most of the Hacking Tools. The more tools you recognize, the more your hacking career is getting ready to fly off. Therefore let's discuss some of the necessary hacking tools.\n

\n

1.) Nmap

\n

\n

\n

It is a free and open-source tool that's used for network discovery and security auditing.\nNmap is a powerful tool because it is often used to scan vast networks having thousands of machines. It's a command-line tool. Nmap suite additionally includes a complicated GUI that's referred to as \"ZenMap\".\nIt supports a large variety of OS that is:

\n\n

It uses raw IP packets to determine

\n\n

Nmap download link\n

\n

2.) Metasploit

\n

\n

\n

It is essentially a Security Assessment and Penetration Testing tool. Metasploit is often used to launch an attack on alternative systems with it.\nIt uses a vulnerable system on that security testing may be conducted to use the failings within the system.\n

\n

Metasploit may enforce as follows:

\n\n

Metasploit download link\n

\n

3.) Wireshark

\n

\n

\n

It is an open-source tool that's used to capture traffic on the network. It's essentially a network protocol analyzer tool.\n

\n

Wireshark helps in:

\n\n

It additionally captures HTTP packet transmission over the network. Click on \"Follow protocol connection\" within the HTTP packet. Currently, you'll be able to see the username and passwords that are captures over the network.\n

\n

Wireshark download link\n

\n

4.) John the Ripper

\n

\n

\n

JTR is free and open-source software that's wide employed by hackers for password cracking. It uses the varied cryptanalytics attacks like \"Dictionary Attack\" and \"Brute-Force Attack\".\nIt additionally comes with the business version moreover, i.e., \"John the Ripper Professional.\" It's a lot of accessible versions providing a lot of practicality in password cracking at the enterprise level.\n

\n

John the Ripper working:

\n\n

The rate at which the password is going to be cracked depends utterly on the password's strength and offered wordlist. It keeps attempting to break the password continuously till the termination command isn't given.\n

\n

John the ripper download link\n

\n

5.) Burp Suite

\n

\n

\n

It is an integrated platform that's used for activity a check on net application security.\nIt provides a large variety of tools that are used from initial mapping to exploiting the applications' vulnerabilities. Once the issues are detected, hackers will use it to break into the security of the system.\n

\n

Burp Suite comes in 3 editions:

\n
    \n
  1. Community Edition: It is available free of charge for downloading.
    2. \n
  2. Professional Edition: Penetration testers and bug bounty hunters utilize it.
    3. \n
  3. Enterprise Edition: An organization utilizes it.\n
    4. \n
\n

Burp Suite features:

\n\n

Burp Suite download link\n

\n

6.) Angry IP Scanner

\n

\n

\n

It is one of the quickest IP addresses and port scanner. By exploitation, this hacker will gather data concerning open ports within the target system.\nIt pings every IP address within the target system to see whether it's active or not. Further, it resolves the hostnames and determines the MAC address.\n

\n

Features:

\n\n

Angry IP Scanner download link\n

\n

7.) Nikto

\n

\n

\n

It is a web-server assessment tool. It is an open-source platform that performs tests against web servers to seek multiple vulnerable files, misconfigurations, out-of-date servers, and programs on its web server.\nIt depends on HTTP response to seeing whether or not a page or script exists on the target.\n

\n

Features:

\n\n

Nikto download link

\n","frontmatter":{"date":"October 22, 2020","updated_date":null,"description":"Learn about the basic hacking tools.","title":"Best Hacking Tools","tags":["Ethical Hacking","Security","Testing"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/2ee3fb0f028bf5c1449727036095e60e/58556/cover1.webp","srcSet":"/static/2ee3fb0f028bf5c1449727036095e60e/61e93/cover1.webp 200w,\n/static/2ee3fb0f028bf5c1449727036095e60e/1f5c5/cover1.webp 400w,\n/static/2ee3fb0f028bf5c1449727036095e60e/58556/cover1.webp 800w,\n/static/2ee3fb0f028bf5c1449727036095e60e/99238/cover1.webp 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Akshay Nagle","github":"Akshay-Nagle","avatar":null}}}},{"node":{"excerpt":"Introduction Redis's usage as both a temporary data store and even as a permanent data store is increasing today, as memory has started…","fields":{"slug":"/engineering/three-ways-to-do-crud-operations-on-redis/"},"html":"

Introduction

\n

Redis's usage as both a temporary data store and even as a permanent data store is increasing today, as memory has started becoming much cheaper. Redis' quick memory-based CRUD operations allow database interactions to happen significantly faster than interactions with other databases that use drive-based storage. This blog is about three different methods to interact with your Redis data.

\n

This blog will require having access to a Redis instance. Guides can be found to set up a local Redis instance for Windows here and for UNIX based machines like Mac or other Linux distros, it can be found here. Alternatively, you can use a remote instance, but be aware that some of the commands in this blog may delete or modify the data.

\n

Redis Insight

\n

For users that do not like working with command-line interfaces, the first tool introduced in this blog is a GUI interface called RedisInsight. This can be found here. After filling in their download form and installing, running the application will start a server on the localhost, which you can access with a browser.

\n

After installing and running the application, you will add the connection information for your Redis instance. If running a local instance of Redis, the connection information in the image will typically suffice. If connecting to a remote instance, you might need to fill in some additional details for TLS, such as connection certificates.

\n

\"Connect\"

\n

When connected to your Redis instance, the dashboard UI appears. Clicking the Browser sidebar tab will display all existing keys in your database.

\n

\"Browser\"

\n

From here, CRUD operations are relatively straightforward. Key-value pair creation can be done by using the ADD KEY button. This will prompt for the type of key-value pair to be added (Hash, String, JSON, etc.) and the data that will be stored with the key.

\n

If a specific key is required to be queried, fill in the field next to the blue filter icon with search criteria, then click the icon. It will prompt the type of data stored with the key, and the results will be displayed.

\n

\"Filter\"

\n

Finally, keys can be deleted by clicking the trash can icon on the right side.

\n

Redis CLI

\n

The Redis command-line interface is a more common approach for developers to interact with data from a Redis store. If you followed the steps at the beginning of the blog, the CLI should already be installed. To do a ping test to the server, type the following command in the terminal:

\n
chris@LR-ENG-17:~$ redis-cli -h localhost -p 6379 ping\nPONG
\n

And to connect, run the previous command without pinging:

\n
chris@LR-ENG-17:~$ redis-cli -h localhost -p 6379\nlocalhost:6379>
\n

The basic command to get a key-value pair is to call get with the key:

\n
localhost:6379> get key:1\n"value1"
\n

Setting a value can be done with the set command:

\n
localhost:6379> set key:1 value1new\nOK\nlocalhost:6379> get key:1\n"value1new"
\n

Creating a value can also be done in the same way:

\n
localhost:6379> get key:3\n(nil)\nlocalhost:6379> set key:3 value3new\nOK\nlocalhost:6379> get key:3\n"value3new"
\n

And deletion can be done with the del command:

\n
localhost:6379> del key:3\n(integer) 1\nlocalhost:6379> get key:3\n(nil)\nlocalhost:6379>
\n

This is only the simple basics of the Redis CLI. You can do more advanced operations through the CLI, such as the flushall command, which wipes your database. It’s a powerful tool, so be careful when experimenting with it. An extensive list of commands can be found here.

\n

With Your Chosen Programming Language

\n

With Redis’ widespread usage, almost all major industry programming languages have either community or official supported releases of libraries that can be used to interact with your database. In this section, I will be using Node.JS, and one of the support Redis libraries called node-redis.

\n

Initialization of the package in the code can be done by calling the following command after initializing Node in your directory:

\n
npm install redis
\n

When the process is finished, the redis module should be imported within your code, where you can set up the Redis connection and any options that need to be included:

\n
const redis = require("redis")\n\nconst redisOption = {\n  host: "127.0.0.1",\n  port: "6379",\n}\n\nconst client = redis.createClient()
\n

For an extensive list of options supported by the library for connection, check this link.

\n

After connecting, calling the on method on the client will allow the connection to open and run commands.

\n

The commands used by the library are a 1 to 1 mapping of the commands used by the Redis CLI, so they follow the same method calls. To update or create an entry in Redis, the most basic method is to use the set command:

\n
client.set("key:3", "value3new")
\n

Getting a value can be done with the get method:

\n
client.get("key:3")
\n

Deleting a value can be done with the del method:

\n
client.del("key:3")
\n

The methods used by the client also support callbacks. For example, if the operations should be console logged, we can include a callback to redis.print after each method:

\n
client.set("key:3", "value3new", redis.print)\nclient.get("key:3", redis.print)\nclient.del("key:3", redis.print)
\n

The output of this in the console would be:

\n
Reply: OK\nReply: value3new\nReply: 1
\n

Conclusion

\n

This blog has only touched the surface of the different operations Redis can do. There are many more resources online that can help you go further into your understanding of Redis. Whether using Redis as a temporary store, like a cache, or using it as a primary, permanent store, the operations' speed is something to be acknowledged and considered when building your next big app.

\n","frontmatter":{"date":"October 21, 2020","updated_date":null,"description":"Start working with Redis in three different ways.","title":"Three Ways to do CRUD Operations On Redis","tags":["Redis","NodeJs","CLI","GUI"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/6597d1ce622532f445baf8ba0ef6e846/58556/index.webp","srcSet":"/static/6597d1ce622532f445baf8ba0ef6e846/61e93/index.webp 200w,\n/static/6597d1ce622532f445baf8ba0ef6e846/1f5c5/index.webp 400w,\n/static/6597d1ce622532f445baf8ba0ef6e846/58556/index.webp 800w,\n/static/6597d1ce622532f445baf8ba0ef6e846/99238/index.webp 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Chris Yee","github":null,"avatar":null}}}},{"node":{"excerpt":"Have you ever wondered how our universe is stitched together? Or how matter behaves at the atomic and subatomic levels? Do you know-how is a…","fields":{"slug":"/engineering/traversing-the-realms-of-quantum-network/"},"html":"

Have you ever wondered how our universe is stitched together? Or how matter behaves at the atomic and subatomic levels? Do you know-how is a quantum computer different from a supercomputer, or what are the functions that it can perform which a typical computer can't?

\n

Or, have you ever thought of the amplification of photon particles in a laser beam? Our universe is full of occurrences that are hard to explain. However, the answer to all these questions lies in understanding the fundamentals of nature. For that, let us take a look at Quantum mechanics, which explains the functioning of particles together at the smallest level. Quantum mechanics is a branch of physics which is mainly concerned with the behaviour and nature of matter and energy and atomic and subatomic levels.

\n

With huge advancements in this field, the concept of quantum computers and quantum internet has now come to life. Typical computers are based on binary digits, that is, 0 and 1. Quantum computers, on the other hand, are based on qubits. A qubit or quantum bit is the basic unit for quantum information. They are based on particle's physical properties, such as the spin of an electron, and hence differ in various ways. We know that electron spin can either up or down, but things change when it comes to quantum mechanics. It follows the concept of superposition, according to which an electron can exist in a state in which it has a spin in both directions simultaneously. This may sound strange according to what we observe generally, yet this is how Quantum mechanics work.

\n

\"Quantum

\n

The peculiar behaviour that particles display can be useful in various ways. Qubits can store much more information than conventional bits. This can be explained as two bits with one of the four possible values, 00, 01, 10, or 11. Qubits, on the other hand, can be both 0 and 1 at once. This implies they can have all the four values all at once.\nThus, the amount of information you store using qubits increases tremendously.

\n

Quantum computers have the scope of performing operations even faster than the fastest supercomputers. Quantum computing also promises higher security and encryption. If we see the current encryption methods, all of them have some loopholes due to which information can be compromised sooner or later. Through quantum computing, the information will travel through qubits. The users will know in case someone tries to abstract the information. Thus, quantum computers promise you a very secure future!

\n

But then, how is all this information transmitted? It is Quantum networks that facilitate the transmission of information through qubits. It is an essential part of quantum computing and quantum communication systems. For quantum communication to be possible, qubits have to move from one quantum processor to the other over long distances. Thus, an\nintra-connection of local quantum networks with quantum internet is required. To understand the quantum network even better, let us take a look at its elements. The classical network and quantum network have a lot in common.

\n

They are:

\n\n

According to the current scenario, IBM has 18 quantum computers, and Google AI Quantum is also advancing towards quantum computing. The current quantum computing period is referred to as the Intermediate-Scale Quantum (NISQ) era by quantum computing scientists. Quantum supremacy is not too far as Quantum computers of over 50 qubits have already been created.

\n

Google has also demonstrated quantum supremacy with its quantum computer, the Sycamore Processor. It took 200 seconds to perform a computation, which would have required 10,000 years if solved using a traditional computer. Amazon and Microsoft are also a part of bringing global access to quantum computing. This is the future of quantum networking, and according to Deffner, \"We cannot rely on old concepts anymore, but we need something new.\"

\n","frontmatter":{"date":"October 21, 2020","updated_date":null,"description":"Basic structure and knowledge of Quantum Networking and how it can change the field of technology.","title":"Traversing the realms of Quantum Network","tags":["Engineering","Quantum","Networking"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/8459690001b75921346b6ed8be6b0572/58556/quantum_comp_FB.webp","srcSet":"/static/8459690001b75921346b6ed8be6b0572/61e93/quantum_comp_FB.webp 200w,\n/static/8459690001b75921346b6ed8be6b0572/1f5c5/quantum_comp_FB.webp 400w,\n/static/8459690001b75921346b6ed8be6b0572/58556/quantum_comp_FB.webp 800w,\n/static/8459690001b75921346b6ed8be6b0572/2640f/quantum_comp_FB.webp 941w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Devansh Markan","github":"markandevansh99","avatar":null}}}},{"node":{"excerpt":"What is Bot? According to Wikipedia, It is a software application that runs automated tasks (scripts) over the Internet. In other terms, It…","fields":{"slug":"/engineering/how-to-make-telegram-bot/"},"html":"

What is Bot?

\n

According to Wikipedia, It is a software application that runs automated tasks (scripts) over the Internet. In other terms, It is a program written to mimic human behaviour in order to perform some tasks. Bots take input and do simple and repetitive tasks, which is much faster than humans.

\n

There are two types of bots:

\n\n

In this, We will make Telegram Chatbot, which would send a copy of the input that the user has sent.

\n

Making our Telegram Chatbot

\n

We will be using Python language to make the bot and will be using Telegram package for our bot.\nYou can know more about the telegram package from here

\n

Firstly, we will generate our telegram token. Below are the steps to follow to generate your own token.

\n
    \n
  1. Search BotFather on Telegram.
    2. \n
  2. Type /start to get started.
    3. \n
  3. Type /newbot to get a bot.
    4. \n
  4. Enter your Bot name and unique Username, which should end with the bot.
    5. \n
  5. Then, you would get your Bot token.
    6. \n
\n

After generating our token, we will make a python program to create a Telegram bot that will send the Text, Emojis, and Stickers similar to the user's input.

\n\n
import logging\nfrom telegram.ext import Updater, Filters, CommandHandler, MessageHandler
\n
logging.basicConfig(format='%(asctime)s - %(name)s - %(levelname)s - %(message)s',     #take time,level,name\n                    level=logging.INFO)\nlogger = logging.getLogger(__name__)
\n

This script does a basic configuration for the logging system. It takes time, level, and name.

\n\n
TOKEN = "ENTER YOUR TOKEN"
\n\n
def start(bot,update):\n    name  = update.message.from_user.first_name  #first name of the user messaging\n    reply = "Hi!! {}".format(name)\n    bot.send_message(chat_id = update.message.chat_id, text = reply)      #sending message\n\ndef help(bot,update):\n    reply = "How can I help You"\n    bot.send_message(chat_id = update.message.chat_id, text = reply)  #sending message\n\ndef echo_text(bot,update):\n    reply = update.message.text\n    bot.send_message(chat_id = update.message.chat_id, text = reply)\n\ndef sticker(bot,update):\n    reply = update.message.sticker.file_id\n    bot.send_sticker(chat_id = update.message.chat_id, sticker = reply)\n\ndef error(bot,update):\n    logger.error("Shit!! Update {} caused error {}".format(update,update.error))
\n

start function would be taking the user's input and would be sending, Hi, with the user's name.

\n

help function will prompt the message of how can I help you.

\n

echo_text and sticker function will send the same message or the stickers which the user has sent.

\n

error function would be printing the error message on the command prompt.

\n\n
def main():\n    updater = Updater(TOKEN)  #take the updates\n    dp = updater.dispatcher   #handle the updates\n\n    dp.add_handler(CommandHandler("start", start))\n    dp.add_handler(CommandHandler("help", help))\n    dp.add_handler(MessageHandler(Filters.text, echo_text))   #if the user sends text\n    dp.add_handler(MessageHandler(Filters.sticker, sticker))  #if the user sends sticker\n    dp.add_error_handler(error)\n    updater.start_polling()\n    logger.info("Started...")\n    updater.idle()\n\nif __name__=="__main__":\n    main()
\n
\n

Save the program and execute it to check the working of the telegram bot on telegram.

\n
\n

You can get the source code to make the Telegram bot from this Github Repository Bot :robot:. You can also make some changes to the code to make the bot do cool stuff such as Getting News, Articles, or Movies recommendations.

\n","frontmatter":{"date":"October 20, 2020","updated_date":null,"description":"What is a bot and How to make our own Telegram bot.","title":"How to make a telegram bot","tags":["Telegram Bot","Python"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.4814814814814814,"src":"/static/aceaa6a49195f6d0417cb80f93f56be4/58556/bot.webp","srcSet":"/static/aceaa6a49195f6d0417cb80f93f56be4/61e93/bot.webp 200w,\n/static/aceaa6a49195f6d0417cb80f93f56be4/1f5c5/bot.webp 400w,\n/static/aceaa6a49195f6d0417cb80f93f56be4/58556/bot.webp 800w,\n/static/aceaa6a49195f6d0417cb80f93f56be4/99238/bot.webp 1200w,\n/static/aceaa6a49195f6d0417cb80f93f56be4/135cd/bot.webp 1280w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rajan Puri","github":"rjn01","avatar":null}}}}]},"markdownRemark":{"excerpt":"Introduction Ever wondered how apps like Spotify, Netflix, or Slack manage seamless login experiences across devices? Many of them use JWT…","fields":{"slug":"/engineering/how-to-integrate-jwt/"},"html":"

Introduction

\n

Ever wondered how apps like Spotify, Netflix, or Slack manage seamless login experiences across devices? Many of them use JWT, or JSON Web Tokens, a compact, stateless method for securely transmitting user identity and session data across services.

\n

With JWT token authentication, identity information is embedded in a signed token, allowing you to maintain user sessions without server-side storage. This approach is highly scalable and ideal for modern architectures like SPAs, mobile apps, and microservices.

\n

In this blog, we’ll walk you through what is JWT, why use it, and how to implement JWT authentication using LoginRadius.

\n

You’ll learn what JWT is, why it’s effective, and how it works in real-world applications. We'll cover both integration methods (IDX and Direct API), generating your signing key, managing sessions, storing the JWT token securely, and applying best practices throughout.

\n

Whether you're a developer, product manager, or IAM architect, this guide offers a complete foundation for implementing JWT token authentication into your application stack.

\n

What is JWT?

\n

JSON Web Token (JWT) is an open standard (RFC 7519) used to transmit information securely between parties as a JSON object. It’s compact, self-contained, and digitally signed, making it a reliable format for authentication and authorization across modern applications.

\n

A JWT consists of three parts:

\n
    \n
  1. Header – Contains metadata like the type of token and signing algorithm (e.g., HS256).
    2. \n
  2. Payload – Stores the actual data or “claims,” such as user ID, roles, and token expiry.
    3. \n
  3. Signature – A cryptographic hash that ensures the token hasn’t been tampered with.
    4. \n
\n

Example of a token structure:

\n

<base64Header>.<base64Payload>.<signature>

\n

Why Use JWT?

\n\n

How JWT Works?

\n

\"Flowchart

\n
    \n
  1. A user logs in with credentials.
    2. \n
  2. Your app (or identity provider like LoginRadius) issues a signed JWT.
    3. \n
  3. The client stores the token and sends it with each request (usually in the Authorization header).
    4. \n
  4. The server validates the token’s signature and claims.
    5. \n
  5. If valid, access is granted — without any session stored on the backend.
    6. \n
\n

JWT simplifies identity verification, especially when you're building apps that talk to APIs or need to scale without centralized session storage.

\n

JWT Authentication with LoginRadius: Overview

\n

LoginRadius provides robust support for JWT (JSON Web Token) authentication, which allows for flexible and secure access control across different digital platforms. Whether you're building a fully custom identity flow or using a pre-built interface, the platform supports various integration approaches depending on your architecture.

\n

If you're looking to understand how to implement JWT token authentication effectively, LoginRadius offers two primary implementation models that cater to different levels of customization and control:

\n

1. IDX Implementation – JWT through a Hosted Login Page

\n

The IDX-hosted login approach enables secure, standards-compliant, JWT-based authentication without requiring you to build a custom login interface. This is a strategic option for fast, compliant, and user-friendly deployments.

\n\n

Configuration Steps:

\n
    \n
  1. Enable JWT Login
    2. \n
  2. Go to authentication configuration settings and enable JWT Login in the Admin Console.
    3. \n
\n

\"Screenshot

\n
    \n
  1. Specify your signing algorithm and expiry policy, and define your JWT Secret Key.
    2. \n
  2. Input a secure JWT signing key.
    3. \n
  3. Specify token expiry duration (e.g., 15–60 minutes)
    4. \n
  4. Select the desired algorithm —HS256 for symmetric signing (same key signs and verifies)
    5. \n
  5. RS256 for asymmetric signing, where LoginRadius securely stores the private key used to sign the JWT.
    6. \n
  6. Your app or backend service uses the public key to validate the token signature.
    7. \n
  7. LoginRadius provides a JWKS (JSON Web Key Set) endpoint to dynamically fetch and rotate public keys, ensuring trust without key exposure.
    8. \n
  8. Update IDX Template for Callback
    9. \n
  9. Modify your IDX login page template to retrieve the JWT post-login. You can access the token via redirect URL parameters or secure JavaScript callbacks.
    10. \n
\n

Example Response:

\n

{

\n

\"access_token\": \"eyJhbGciOiJIUzI1NiIsInR...\",

\n

\"expires_in\": 1800

\n

}

\n

This integration approach works best for all teams that want effective identity workflows without the complexity of building proprietary login screens, something that is crucial for customer portals, onboarding of mobile applications, and even managing access for business partners.

\n

2. Direct API Implementation – Self Managed Login

\n

If you’re building a custom login UI or working in a headless environment, LoginRadius lets you generate and handle JWTs directly through its Authentication APIs. Here’s how you can programmatically perform token authentication using the classic method:

\n\n

Configuration Steps:

\n

Step 1: Authenticate via API:

\n\n

Include the user’s credentials (email + password) in the request body.

\n

Step 2: Get JWT in Response

\n\n

{

\n

\"access_token\": \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...\",

\n

\"expires_in\": 3600

\n

}

\n

Step 3: JWT Decoding and Validation

\n\n

Step 4: Set Custom Claims (Optional)

\n

With LoginRadius, it is possible to customize the payload to include user roles and/or any additional metadata. You can set custom JWT claims on the Admin Console.

\n

With this method, you have complete customization over login flows while using LoginRadius to issue signed JWTs for user session management.

\n

NOTE- With either method, LoginRadius ensures that JWTs are securely signed, optionally short-lived, and compatible with standard token validation libraries, making integration seamless for everyone.

\n

To get started with JWT implementation, you can read our complete developer documentation.

\n

Hosted Login vs Direct API

\n

\"Illustration

\n

What is Session Management and How It Works with JWT

\n

Session management is how your app keeps track of a user after they log in so they don’t have to prove who they are with every request.

\n

In traditional apps, sessions are stored on the server using session IDs. Every time a request comes in, the server checks that session ID to verify the user.

\n

In modern apps, especially SPAs and APIs, JWTs are used to manage sessions without needing server-side storage; this is called stateless session management. The token itself carries the user’s identity, roles, and expiration details. As long as the token is valid, the user stays logged in.

\n

Good session management ensures:

\n\n

How LoginRadius Handles Session Management with JWT:

\n
    \n
  1. \n

    User Logs In

    \n\n
    2. \n
  2. \n

    Client Stores the Token

    \n\n
    3. \n
  3. \n

    Access Token Expiry

    \n\n
    4. \n
  4. \n

    Token Renewal

    \n\n
    5. \n
  5. Logout and Token Revocation Strategy
    6. \n
\n

When the user logs out, both the access token and refresh token should be cleared from client storage.

\n\n

Combining these strategies gives you greater control over token misuse and enables a robust, enterprise-grade logout flow.

\n

\"illustration

\n

How to Store JWT Tokens?

\n

When you implement JWT-based authentication, the client (browser or mobile app) needs a way to store the access token and, optionally, the refresh token after they are issued by the authentication server. This stored token is then attached to every subsequent request to prove the user's identity.

\n

Choosing where to store the JWT is a crucial security decision. The most common storage options are:

\n\n

Each option has trade-offs between security, accessibility, and persistence, and the right choice depends on your application's architecture and threat model.

\n

Recommended Storage Strategy

\n\n

Best Practices for Storing JWTs

\n
    \n
  1. Never store sensitive tokens (like refresh tokens) in localStorage or sessionStorage.
    2. \n
  2. Use Secure and HttpOnly flags with cookies to prevent JavaScript access and ensure transmission only over HTTPS.
    3. \n
  3. Set the SameSite=Strict or Lax attribute on cookies to protect against CSRF.
    4. \n
  4. Use short-lived access tokens and rotate refresh tokens regularly.
    5. \n
  5. Implement CSP (Content Security Policy) to reduce XSS risk.
    6. \n
  6. Avoid storing any tokens in frontend code (e.g., hardcoded in JS files).
    7. \n
\n

Conclusion

\n

JWT authentication with LoginRadius offers a modern, stateless approach to managing sessions across distributed systems. The IDX integration is ideal for rapid deployment, while the Direct API model is best for organizations needing deep customization and integration flexibility.

\n

With robust token signing, refresh capabilities, and centralized control, LoginRadius provides a future-ready foundation for secure, scalable identity architecture. Contact us to know more about JWT authentication and implementation guide.

\n

FAQs

\n

1. What is JWT authentication used for?

\n

A: JWT authentication securely verifies user identities, enabling stateless session management across web, mobile apps, and microservices without server-side session storage.

\n

2. How does LoginRadius simplify JWT integration?

\n

A: LoginRadius simplifies JWT integration by offering hosted IDX login pages and direct API-based authentication methods, enabling rapid deployment and deep customization.

\n

3. Is JWT authentication secure?

\n

A: Yes, JWT authentication is secure when implemented with best practices like short-lived tokens, secure storage methods, signature validation, and refresh token rotation.

\n

4. Can JWT tokens be revoked with LoginRadius?

\n

A: Yes, LoginRadius allows revocation of JWT refresh tokens explicitly, and supports strategies like short-lived tokens and key rotation to manage token lifecycles securely.

\n","frontmatter":{"date":"April 15, 2025","updated_date":null,"description":"Discover JWT (JSON Web Token) authentication, its advantages, and how to integrate it seamlessly using LoginRadius' hosted IDX and Direct API methods for secure, scalable identity management.","title":"JWT Authentication with LoginRadius: Quick Integration Guide","tags":["JWT","JSON Web Token","Authentication","Authorization"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":0.7782101167315175,"src":"/static/4cedb7829f98208cbc6d5a9aea4e983d/58556/how-to-integrate-jwt.webp","srcSet":"/static/4cedb7829f98208cbc6d5a9aea4e983d/61e93/how-to-integrate-jwt.webp 200w,\n/static/4cedb7829f98208cbc6d5a9aea4e983d/1f5c5/how-to-integrate-jwt.webp 400w,\n/static/4cedb7829f98208cbc6d5a9aea4e983d/58556/how-to-integrate-jwt.webp 800w,\n/static/4cedb7829f98208cbc6d5a9aea4e983d/1cc9f/how-to-integrate-jwt.webp 896w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Kundan Singh","github":null,"avatar":null}}}},"pageContext":{"limit":6,"skip":132,"currentPage":23,"type":"//engineering//","numPages":53,"pinned":"5c425581-f474-5ae9-abe7-cf5342db2aaa"}},"staticQueryHashes":["1171199041","1384082988","2100481360","23180105","528864852"]}