Lessons learned in 2016

by Jannik Arndt


Do not fix your code.

Rather understand why nothing kept you from creating this bug. Make your code so easy that this bug would have been obvious the first time.


Automate early.

You know, CI/CD. Or just clean-up-scripts. Or a complete infrastructure-as-code. Remember: A script to setup something is the best documentation!


A function must not do more than one thing.

If a function name contains “and” there’s still work to do. Build small pieces.


Side effects are the root of all evil.

If you need side effects (like database or file outputs), let it be the only thing a function does.


It’s all about data.

Business logic is just a concept to change data.


A system is defined by its input and output.

Every description of anything should focus on these two things first.


I recently created a wonderful bug.

This is a basic example how to implement oAuth2 using Akka HTTP and Scala. It provides three endpoints. From the clients point of view:

  • / — publicly accessible, returns “Welcome!”,
  • /auth — provide your username and password, receive an access_token in return,
  • /api — secured by oAuth, send the access_token in a header to gain access.

From the server’s point of view:

  • / — publicly accessible, do nothing,
  • /auth — receive basic auth credentials, verify they’re in the list of known credentials, create an access_token, return it,
  • /api — receive authorization header, check if access_token is in list of valid tokens.

Since oAuth tokens are short lived, the server also has to invalidate expired tokens.

Getting a Akka HTTP-based backend up and running on Heroku for free can be done in less then 30 minutes — if you know the tricks.