Recently, I copied and pasted a day’s worth of raw coding activity data from WakaTime (if you’re not familiar with WakaTime, check out this post). To my surprise, the result I got back was extremely useful to guide my work. Here are some examples: Practical advice (based on what you actually did) Astro – cut […]
Month: September 2025
Simplifying Secure Authentication with AWS Cognito
In modern projects, user authentication is not only essential but also one of the most challenging features to implement correctly. Building your own system for login, registration, password recovery, and permission control requires time, continuous maintenance, and strong security practices. Before choosing AWS Cognito, I also considered well-known alternatives such as Auth0, Okta, and even […]
Plausible: a lightweight and privacy-friendly alternative to Google Analytics
Introduction If you’re looking for a lighter, privacy-respecting alternative to Google Analytics, Plausible is definitely worth checking out. Why Plausible? Plausible doesn’t use cookies and doesn’t collect personally identifiable data. That means it’s fully compliant with privacy regulations like GDPR and LGPD — and no need for consent banners. It’s also extremely lightweight, helping your site load […]
Deploying a Flask App with AWS App Runner
Goal I wanted to explore AWS App Runner, so I deployed a basic Python Flask application that connects to a database and returns a list of posts. Deployment steps Result The application was up and running in just a few minutes, with automatic deployment and a custom domain. AWS App Runner proved to be a convenient option for deploying small […]
Costs and Performance Testing with AWS App Runner and Amplify
Context After testing AWS Amplify and AWS App Runner, I started tracking real-world costs in a low-usage environment, aiming at small projects and MVPs. Costs: AWS App Runner With two backend applications built using Python Flask and running on the minimum configuration (0.25 vCPU & 0.5 GB memory), the total cost in the first third of June was US$ 2.10, covering 300 […]
Authentication Best Practices: Protecting Against Hijacking, Brute Force Attacks, and Secure Use of Refresh Tokens
Authentication Best Practices: Protecting Against Hijacking, Brute Force Attacks, and Secure Use of Refresh Tokens 1. Protection Against Token Hijacking Token hijacking happens when an attacker intercepts or steals an authentication token — like a JWT — and uses it to access protected resources as if they were the legitimate user. To prevent this kind […]
Have you ever heard of WakaTime?
It’s a tool that integrates with your IDEs and automatically tracks how much time you spend on each programming language, project, machine, and editor — all privately, visible only to you. It’s a great way to monitor your productivity and get a clearer picture of how you invest your coding time. It’s definitely worth checking […]