There are plenty of tutorials that cover the basic measures you need to take to secure a Linux server, including my own. What usually falls outside the scope of these tutorials is what other steps are recommended for a server that is going to be accessed by multiple people, such as a group of developers all working together as a team. Group access to a server introduces some challenges, as you will need to implement procedures to grant and revoke access as team members come and go, and do so without any compromises on security.

It's been over a year since I wrote my guide on setting up a cheap Chromebook for web development. In that article, I presented three different ways to install a Linux distribution instead of, or sometimes alongside ChromeOS, the native Chromebook operating system. These three methods were all a bit hacky. One required running a heavily sandboxed Android app, while for the other two you had to put the machine in developer mode, which bypasses some of the security measures that make the Chromebook one of the most secure laptops you can find.

Since I wrote that article in September 2017 there's been a new development. Now there is a fourth method of running a native Linux distribution, available to most Chromebook models from the last few years. What makes this new method interesting is that it is an officially supported feature of ChromeOS, so there is no need to activate developer mode, and no need to make concessions on the highly regarded Chromebook security model. This method is based on container technology, and is known by the project name Crostini.

In this short article and video I want to give you a few tips on setting up a PyCharm project for your Flask application. The idea is to set up a Flask application so that it can be executed, debugged, and tested from inside PyCharm Community Edition, which is fantastic IDE for Python that is completely free to download and use. If you want to see me go through the exercise, watch the video below. Then you can come to the article if you want a quick reference and summary of the steps required.

JSON Web Tokens offer a simple and powerful way to generate tokens for APIs. These tokens carry a payload that is cryptographically signed. While the payload itself is not encrypted, the signature protects it again tampering. In their most common format, a "secret key" is used in the generation and verification of the signature. In this article I'm going to show you a less known mechanism to generate JWTs that have signatures that can be verified without having access to the secret key.

In this live webcast I explain how to prevent circular dependency errors in Python. Most of this presentation is a live coding session in which I refactor a single-file Flask application into a fully fleshed out structure with multiple packages and modules, demonstrating how I completely avoiding circular dependencies.

This is the twenty third and last installment of the Flask Mega-Tutorial series, in which I'm going to tell you how to extend microblog with an application programming interface (or API) that clients can use to work with the application in a more direct way than the traditional web browser workflow.

This is the twenty second installment of the Flask Mega-Tutorial series, in which I'm going to tell you how to create background jobs that run independently of the web server.

This is the twenty first installment of the Flask Mega-Tutorial series, in which I'm going to add a private message feature, along with user notifications that appear in the navigation bar without the need to refresh the page.

In this live webcast I explain what is the purpose of the request and application contexts in Flask, and why sometimes you get these weird errors about them.

This is the twentieth installment of the Flask Mega-Tutorial series, in which I'm going to add a nice popup when you hover your mouse over a user's nickname.