One of the most basic ways to keep the users of your web application engaged is to give them a space to write comments. These days, there are third-party services pretty much for everything, and comments is not an exception. Disqus and Facebook are popular services that allow you to embed comments into your site.

But what if you don't want to use an external service? In this article, I'm going to show you how I implement comments in Python, using the SQLAlchemy ORM and any of the database engines it supports. I'm going to start with an extremely simple approach, and then will go on to discuss a few advanced implementations with support for multiple levels of replies.

Have you seen anybody using a Chromebook yet? These are slim, lightweight laptops that run ChromeOS, an operating system made by Google that is designed around the Chrome web browser. If you want a laptop that you can use for doing your email, watching Netflix and other tasks you can easily do in a web browser, then a Chromebook is a very good choice, and also cheap, since most models are in the $150-$300 price range.

They also make great travel laptops if you are going on vacation or to a conference. The problem for me is that when I travel, I spend a fair amount of time coding (this is an addiction I do not want to get rid of!). So I decided to buy one and try to configure it in a way that is suitable for web development on the move. In this article I'm going to go over three different approaches to do that.

If you are like me, you were starting to get comfortable with the idea of deploying your applications to cloud instances such as EC2s on AWS or droplets on DigitalOcean, when people started to shift away from cloud instances and embrace containers. Maybe now you are getting into containers and Docker, and as is to be expected, the tech world is making a move once again, this time to severless computing. Impossible to ever catch up, right?

In this article I'm going to tell you what a serverless architecture can offer you that the more traditional approaches cannot (and more specifically how it is possible to run your Python web applications without a server!). At the time I'm writing this, AWS has by far the most mature serverless platform, with the Lambda, API Gateway and DynamoDB triad of services at the forefront, so this is the platform I'm going to concentrate on.

Almost three years ago I wrote an article on this blog titled Video Streaming with Flask, in which I presented a very modest streaming server that used a Flask generator view function to stream a Motion-JPEG stream to web browsers. My intention with that article was to show a simple, yet practical use of streaming responses, a not very well known feature in Flask.

That article is extremely popular, but not because it teaches how to implement streaming responses, but because a lot of people want to implement streaming video servers. Unfortunately, my focus when I wrote the article was not on creating a robust video server, so I frequently get questions and requests for advice from those who want to use the video server for a real application and quickly find its limitations. So today I'm going to revisit my streaming video server and describe a few improvements I've made to it.

While working on the second edition of my flask book, I was reviewing my Selenium tests, which allow me to automate a web browser and do end-to-end testing. In the current version of the book I recommend running these tests against Firefox. I thought this was a great opportunity to see how Headless Chrome works, as that eliminates the annoying browser window that pops out every time you run the tests.

The results are encouraging. This super short article describes what you need to do to set up Selenium to use the Headless Chrome browser.

If you live anywhere in North America, write down August 21st, 2017 in your calendar. This is the date of the next solar eclipse, one that is of particular interest to us living in this continent, as everybody will be able to experience it in some capacity regardless of location. The map below, from NASA, shows the swath of the United States in which the eclipse will be total, and what percentage of totality you will see anywhere else (click to see a larger version).

In this short article, I want to give you some ideas on how to prepare to view and photograph the eclipse in a way that is safe for you and your camera.

Cookies are the most common attack vector for applications that run on web browsers, yet the topic of how to make cookies secure is frequently overlooked. I touched upon this topic in a few past articles, but today I want to specifically go over all the options Flask and extensions such as Flask-Login and Flask-WTF give you in terms of securing your application against web browser attacks.

Chances are, you were introduced to my blog through the Flask Mega-Tutorial, which is by far, the most popular topic on this blog. If you are doing the tutorial now, I'm sure you noticed that a number of things aren't quite as easy anymore. This is unfortunate, but several of the areas the tutorial touches on have seen significant changes since I published the articles.

The tutorial is now five years old, and embarking on a rewrite to bring it to Python 3.6 and current versions of all other technologies is going to require a considerable amount of time and effort. So I have decided to try a little experiment with a Kckstarter. If you haven't seen this yet, have a look at this video:

The way user sessions are handled in my Flask-SocketIO extension has always been a pain point for me. I tried to make sessions work almost the same as they work on regular Flask routes, but the "almost" part is what makes it confusing for most people.

In this short article and its companion video, I will try to explain why this is not trivial, and also will go over some improvements I just released that I hope will improve the use cases on which users seem to always trip.

I gave a talk titled Handling Authentication Secrets in the Browser at Fluent 2017 in San Jose (you can see the slides above). As a complement to the talk, I thought it would be a good idea to write down the main concepts here on the blog as well, for those that weren't at my talk or those that were, but want to study the topic with more time than the 40 minutes I had for my presentation.