Hey Malik, here's some feedback! Hope it helps :)
Frontend
- Empty messages shouldn't be possible. (Block them both in Frontend and Backend)
- The input box should have a fixed width.
- "standup" and "Recent" & "Calendar" should be vertically centered, e.g. with align-items: center;
- CSS looks fine, although it's not very scalable. You might look into the following:
Backend
I can't say too much about the Python code unfortunately, because I haven't worked in Python too much. But here's what I can say:
- You should rate-limit the requests. Would be easy to spam your backend with requests right now.
- Make sure to encrypt any passwords in the database, use "sugared cryptographically-safe hash functions" for that. (Just google it lol) -- If someone stole your DB, it would be impossible to crack the passwords then.
- Try to split the app.py into multiple modules, extract functions wherever it makes sense. (Anything that's repeated at least once, or benefits from better naming)
General
These specific suggestions might give you some idea of what to improve, but if I went on with every tiny detail, it'd take forever. So in general:
- Follow the "Clean Code" advice, especially:
- DRY: Don't repeat yourself.
- Try to write code that explains itself. A well-named function is better than a well-written comment.
- Look into automated testing! I'm sure there's good tooling for Python.
- This is a bit advanced maybe, but it's crucial for stable applications. Try to stick to TDD (test-driven-development) as soon as possible.
- You'll have to learn to write "testable" code. A few keywords to research here: "Mocks", "Stubs", "Fakes" (those are all similar), "Dependency Injection"... The goal is to be able to switch out real libraries (like flask) with your own testing dummies. Then you can use them to verify that your code behaves as it should.
- Automated testing & clean code complement each other. Although both can be very difficult, if you start early, they will save you a lot of trouble.
I liked your general architecture. There aren't too many files in each folder, and it's clear what each module does. Try to stick to that when the app grows. Make sure to extract functionality into separate modules wherever possible to avoid messy code.
The two concerns that I'd have before launching this tool publicly are 1. Security and 2. Testing.
- For Security, read into the OWASP principles.
- For Testing, stick to my earlier advice. Use any Python testing framework.
I know this might all be a bit overwhelming, but I hope it helps anyway. Consider this a roadmap to becoming an "Advanced Developer", or at least one who can be confident in their production code! 😄