How to Implement Login with GitHub Safely
A practical server-side GitHub OAuth login flow using state validation, authorization code exchange, GitHub user lookup, and a local session.
Frontend
5 posts
React key Is Not Just a List Optimization
A practical explanation of how React key participates in component identity, why changing it resets state, and when that is the right tool.
Internationalization for Large Mini Programs: Engineering Lessons from Didi
A review of Didi Mini Program internationalization, covering copy governance, Mini Program runtime constraints, WXS-based translation, cross-platform adaptation, and team workflow.
Package Size Governance for Large Mini Programs: Lessons from Didi
A review of Didi Mini Program package size optimization, covering size budgets, dependency analysis, subpackages, npm dependency placement, and architecture tradeoffs.
Why Cookies Fail in CORS: From withCredentials to SameSite
CORS cookies depend on more than withCredentials. The server CORS headers, Cookie Domain, SameSite, Secure, and third-party cookie policy all matter.