Matthew Idowu

5.1K posts

@Matmape

Ruthless Solution Crafter. Making magic. Tweets are not true reflection of self.

United Kingdom · Joined April 2010
1.2K Following · 838 Followers
Matthew Idowu (@Matmape)
@ptech3net What I do is that I include a flag in the endpoint logic that goes to the OTP service to tell it that it is a partial validation, and the other backend request for what the actual flow will be will see the flag to tell the OTP service to do a full validation.
1
0
2
15
P. Tech bro (@ptech3net)
What’s your experience with security testers? So, this lady was testing an application where I built the backend and guess what? 😂 She somehow bypassed the OTP validation. 😌 Now, it’s not that the backend validation wasn’t strong enough, but the frontend was relying on the HTTP status code instead of the actual response status from the backend. 🙂‍↔️ When she called the endpoint, the backend returned a 400 (Bad Request) but somehow, she modified it to 200 (OK) before it reached the frontend… and boom, she got through. 😂😂 I was like, “You guys are actual criminals!” 😂 Anyway, what’s your approach to handling things like this? 🤝
17
15
152
37.9K
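Added example, not part of any post in this feed: a minimal Python sketch of the server-side control that makes the response-status tampering described above harmless, because the protected action re-checks OTP state held on the server instead of trusting what the client was told. The names `OtpService`, `transfer` and the session ids are assumptions made for illustration.

```python
import hmac
import secrets
import time

class OtpService:
    """Holds OTP state on the server; the client never owns the verdict."""
    def __init__(self, ttl=300, max_attempts=5):
        self._pending = {}      # session_id -> [otp, expires_at, attempts_left]
        self._verified = set()  # sessions that passed a full validation
        self.ttl, self.max_attempts = ttl, max_attempts

    def issue(self, session_id):
        otp = f"{secrets.randbelow(10**6):06d}"
        self._pending[session_id] = [otp, time.time() + self.ttl, self.max_attempts]
        return otp  # delivered out of band (SMS/e-mail), never in the HTTP response

    def verify(self, session_id, submitted):
        entry = self._pending.get(session_id)
        if entry is None or time.time() > entry[1]:
            self._pending.pop(session_id, None)
            return 400
        entry[2] -= 1
        ok = hmac.compare_digest(entry[0], submitted)
        if ok or entry[2] <= 0:
            del self._pending[session_id]  # single use; lock out after too many tries
        if ok:
            self._verified.add(session_id)
            return 200
        return 400

    def is_verified(self, session_id):
        return session_id in self._verified

def transfer(otp_service, session_id, amount):
    """Protected action: checks server-side state, ignores what the client believes."""
    if not otp_service.is_verified(session_id):
        return 403, "OTP not verified"
    return 200, f"transferred {amount}"

def demo():
    svc = OtpService()
    svc.issue("sess-A")                            # constructed sample session
    status = svc.verify("sess-A", "not-the-code")  # backend answers 400
    client_sees = 200  # status rewritten before reaching the frontend, as in the post
    blocked = transfer(svc, "sess-A", 100)         # still refused by the server
    otp = svc.issue("sess-B")
    svc.verify("sess-B", otp)
    allowed = transfer(svc, "sess-B", 100)
    return status, client_sees, blocked, allowed
```
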
Milan Jovanović (@mjovanovictech)
C# "script" to send an HTTP request with Flurl.
13
18
211
13.1K
Julian Dumebi Duru (@julian__duru)
Today is my last day as a software engineer at Moniepoint. It’s been 10 years since I started my career at this great company. 10 years of blood, sweat, tears, and triumph. What a journey it has been!!
2.1K
6.1K
52.4K
7.5M
Matthew Idowu (@Matmape)
@johnoojetunde @durutheguru Congratulations man! I think you developed the reserved account system that I integrated to in 2019? I remember seeing your name on the Skype chat back then if I’m not wrong
1
0
57
200.2K
John Ojetunde (@johnoojetunde)
@durutheguru Julian — can’t forget your work on dynamic reporting structure. You really cooked man 👨
3
4
229
172.1K
Name cannot be blank (@hackSultan)
I’ve seen laziness but this is a discovery.
334
239
1.8K
165.9K
Matthew Idowu retweeted
Toyyib Adewale Adelodun (@taadelodun)
Don't watch this if you don't want to hear the truth. This one touch everybody but I will say it.
92
435
1K
84.2K
Chiamaka (@Melanin_2)
Can’t believe I will be turning 26 this year. Can’t I be 22 forever 🥹
5
0
6
993
Matthew Idowu retweeted
Arvid Kahl (@arvidkahl)
This is why you don't roll your own security, even for an MVP. Security researcher investigates app that only has magic sign-in, and immediately finds that instead of checking the OTP server-side, they send it as a response to the client request. Allows to take over ANY account.
186
70
1.5K
242.4K
Matthew Idowu (@Matmape)
I’m looking at VB.NET code and it’s not bad at all 😂😂😂 Very expressive language.
1
0
1
469
Matthew Idowu retweeted
Payaza Africa Limited (@mypayaza)
We are hiring 🔊 We’re looking for a Quality Assurance Engineer and Fixed Income Trader to join our team in Lagos, Nigeria. If you’re passionate about financial markets, trading systems, and delivering excellence in fintech, this is your opportunity to make an impact. Be part of an innovative team driving performance, precision, and continuous improvement in financial technology. Apply Now via: • airtable.com/appOnqZt2DDYvk… airtable.com/appVXvAvHfhMZT… #Payaza #FixedIncome #TradingEngineer #QAEngineer #Fintech #JobOpening #Lagos #Nigeria #Hiring #CareerOpportunity
0
5
3
815
Matthew Idowu (@Matmape)
@25tobiloba The movies there are too bad or like amateur made. Always annoying
1
0
1
41
Otunba Tobi (@25tobiloba)
I used to think the movies on Amazon Prime were better than Netflix, but be like say Amazon Prime don dey turn to YouTube now
6
0
2
1.3K
Milan Jovanović (@mjovanovictech)
What is RBAC (Role-Based Access Control)? Here's how it can help with your authorization policies.

RBAC stands for Role-Based Access Control. Here's how RBAC works:
- Roles are assigned a set of permissions
- Users are granted roles, and thus permissions
- Permissions decide what a user can or can't do

What's the benefit? One problem I always had with roles was fine-grained authorization rules. Roles are too broad for some policies I need to enforce. This is where permissions come in. I can define permissions for specific actions. It's easy to allow other roles to access that action: I have to assign the permission to the role.

It's not a complicated idea. But it's a powerful authorization approach. If you want to learn more about permission authorization and how you can use claims transformation to implement it, check out this article: milanjovanovic.tech/blog/master-cl…

Have you used RBAC in your applications?

---

Do you want to simplify your development process? Grab my free Clean Architecture template here: dub.sh/caw14x
5
71
338
15.6K