It's 2024 and implementing web auth still sucks

Captain's Log: Stardate 78017.3

I told myself I was going to take the day off from work today, but then I wanted to just finish one tiny little thing on the website auth... and here I am 6 hours later with auth kind of working.

I am sad to see that the state of web auth libraries is basically the same as it was 12 years ago, the last time I set up auth for a website. In fact, in some ways it was more of a PITA this time, because the next-auth.js folks are up on their high horse about not using credentialed (email/password) logins, and trying to get everyone to just use OAuth2 providers. Which is a super annoying position, because when I run into a website that only does OAuth2, I leave. So clearly there's at least 1 user out there that hates this.

Anyway, because of their moral stance, the next-auth.js folks seem to have actively tried to make credentialed auth difficult, and the docs are terrible. But it is all still possible, obviously, and finally I've figured out how it is supposed to work. I now have a MongoDB instance running with basic user registration / login, though granted the visual style is atrocious at the moment.

But auth is probably the biggest hurdle to having product registration, so this is good progress. Now it's just a matter of creating the APIs and db tables for product registration, and then creating the simple UI to manage license activations (e.g. delete the license on your old windows laptop that exploded so you can install on a new one). This should go pretty quickly, I think.

Instanced instruments on the GPU

Captain's Log: Stardate 77965.4

Finally I'm back to writing code full-time, after doing some business-related stuff. I got Anukari, LLC approved as an Apple Developer and also for an EV code signing certificate, so I am now able to sign binaries for both MacOS and Windows in the most legitimate ways. The EV certificate is especially nice, because Windows should always automatically trust the software. This involved jumping through a significant number of hoops, but it's all done.

Today I wrapped up a few outstanding issues with the MacOS port. I fixed a couple of small crashes that I discovered, took care of some warnings that showed up with Clang 18, cleaned up a workaround for a stupid abseil-cpp bug, etc. I'm now at the point where I am considering work on the MacOS port "finished for now," which means that I'm not going to do further work there until the physics engine is completely finished, at which time I'll port it to Metal. In the meantime, I will continuously test my code changes on MacOS to make sure I don't break anything.

Now that the MacOS work is shelved, I am really excited to finally get back to work on the "voice instanced" physics mode. A few weeks ago I got the voice instancing working at the most basic level in terms of the GPU code: it runs two instances of the same instrument in parallel on separate OpenCL work units, and this works perfectly. This was the hardest part, I think. Now I just need to do all the plumbing work to run N instances (for N voices), and automatically allocate instances for new notes, and implement the time dilation stuff (which I described in detail a while back) that will make the pitches come out right.

I'm hoping that I'll be able to have basic automatic polyphony through voice instancing in the next week or two. This might be the last big physics feature I add before I change gears into "get an alpha test going" mode. Maybe.

Digitally signing binaries

Captain's Log: Stardate 77948.7

The last couple of days I've been caught up in rehearsals for a couple of shows that I'm doing over the next few weeks, so instead of trying to do hard programming work during the scattered time I have available, I have been doing business setup stuff instead.

The main goal right now is to get to where I can digitally sign any binaries that I release, so that they will run on MacOS and Windows without any annoying pop-ups about untrusted software, etc. I really don't want to do even early Alpha testing in a way where people have to run un-signed binaries. It looks bad, and also is a little bit dangerous. There's also a very small benefit in terms of tamper protection: when someone inevitably cracks the simple copy protection that Anukari will have, users that pirate it will see that it's untrusted software. Not that they'll care, but at least it will be easy to tell if a copy is legitimate.

For MacOS, this means getting an Apple Developer account verified. It's nice that you just deal with Apple, but their process is pretty opaque. At various steps things have gone wrong and it's really unclear why. But finally I got to what I think is the last business verification step, after previously jumping through the hoop of getting something called a D-U-N-S number (which is a whole other annoying bureaucratic story). Hopefully this will go through soon.

For Windows, Microsoft allows 3rd-party certificate authorities. Which in theory is cool since it's more open. But you essentially have two choices: (1) Digicert, which is ULTRA-expensive (like 4x the next-cheapest option), but extremely professional, and used by all the big software shops, and (2) all the other authorities, which are way cheaper but all feel a tiny bit sketchy in one way or another. Mostly the cheaper authorities seem like they have really bad customer service, or bad business practices, or send a bunch of your private info offshore, etc.

But anyway, I went with signmycode.com after discovering that the one that everyone recommends, ksoftware.net, is defunct. They've been good so far, and had a very good price for a Sectigo certificate. Right now the approval is all ready except the last detail of verifying the business phone number. This is annoying, since I'm going to have to take the call mid-rehearsal if that's when it comes in.

All that said, I am hoping to get these two certificate things done in the next week or so, which will be really exciting because they are the last frustrating bureaucratic hurdles I need to jump in order to start releasing the software to people. Of course... I do need to finish the software first, too. 😄

© 2025 Anukari LLC, All Rights Reserved