Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.

#285 Where we talk about UIs and Python

May 25, 2022 00:50:54 42.93 MB Downloads: 0

Watch the live stream:

Watch on YouTube

About the show

Sponsored: RedHat: Compiler Podcast

Special guests

  • Mark Little
  • Ben Cosby

Michael #1: libgravatar

  • A library that provides a Python 3 interface to the Gravatar APIs.
  • If you have users and want to show some sort of an image, Gravatar is OK
  • PyPI uses this for example (gravatar, not necessarily this lib)

Usage:

    >>> g = Gravatar('myemailaddress@example.com')
    >>> g.get_image()
    'https://www.gravatar.com/avatar/0bc83cb571cd1c50ba6f3e8a78ef1346'

Brian #2: JSON to Pydantic Converter

  • Suggested by Chun Ly, “this awesome JSON to @samuel_colvin's pydantic is so useful. It literally saved me days of work with a complex nested JSON schema.“
  • “JSON to Pydantic is a tool that lets you convert JSON objects into Pydantic models.”
  • It’s a live site, where you can plop JSON on one the left, and Pydantic models show up on the right.
  • There’s a couple options:
    • Specify every field as Optional
    • Alias camelCase fields as snake_case
  • It’s also an open source project, built with FastAPI, Create React App, and a project called datamodel-code-generator.

Mark #3: tailwindcss, tailwindui

  • Not python, but helpful for web UI and open source business model example
  • tailwindcss generates CSS
  • Used on the Lexchart app
  • Benefits of tailwindcss and tailwindui:
    • Just-in-Time makes it fast. Output includes only classes used for the project.
    • Stand on shoulders of design thinking from Steve Schoger and Adam Wathan. See also refactoingui.com.
    • Use in current projects without CSS conflicts. Custom namespace with prefix in tailwind.config.js. Bonus: custom namespace prefixes work with the tailwind plug-ins for VS Code and PyCharm.
    • Works well with template engines like, Chameleon. We use tailwind for our app UI. Toolbar template example.
    • Another example of docs and tutorials being a strategic business asset.
  • Resources

Michael #4: PEP 690 – Lazy Imports

  • From Itamar
  • Discussion at https://discuss.python.org/t/pep-690-lazy-imports/15474
  • PEP proposes a feature to transparently defer the execution of imported modules until the moment when an imported object is used.
  • PEP 8 says imports go a the top, that means you pay the full price of importing code
  • This means that importing the main module of a program typically results in an immediate cascade of imports of most or all of the modules that may ever be needed by the program.
  • Lazy imports also mostly eliminate the risk of import cycles or crashes.
  • The implementation in this PEP has already demonstrated startup time improvements up to 70% and memory-use reductions up to 40% on real-world Python CLIs.

Brian #5: Two small items

  • pytest-rich
    • Suggested by Brian Skinn
    • Created by Bruno Oliveira as a proof of concept
    • pytest + rich, what’s not to love?
    • Now we just need a maintainer or two or three….
  • Embedding images in GitHub README
    • Suggested by Henrik Finsberg
    • Video by Anthony Sottile
    • This is WITHOUT putting the image in the repo.
    • Upload or drop an image to an issue comment.
      • Don’t save the comment, just wait for GitHub to upload it to their CDN.
      • GH will add a markdown link in the comment text box with a link to the now uploaded image.
      • Now you can use that image in a README file.
    • You can do the same while editing the README in the online editor.

Ben #6: pyotp

  • A library for generating and verifying one-time passwords (OTP).
  • Helpful for implementing multi-factor authentication (MFA) in web applications.
  • Supports HMAC-based one-time passwords (HOTP) and time-based one-time passwords (TOTP).
    • While HOTP delivered via SMS text messages is a common approach to implementing MFA, SMS is not really secure.
    • TOTP using an authenticator app on the user’s device such as Google Authenticator or Microsoft Authenticator is more secure, fairly easy to implement, and free (no SMS messaging fees and multiple free authenticator apps available for users).
    • TOTP works best by making a QR code available to simplify the setup for the user in their authenticator app. Lots of easy to implement QR code generators to choose from (qrcode is a popular one if you use javascript on the front end).

TOTP quick reference:

import pyotp

def generate_shared_secret():
    # securely store this shared secret with user account data
    return pyotp.random_base32()

def generate_provisioning_uri(secret, email):
    # generate uri for a QR code from the user's shared secret and email address
    return pyotp.totp.TOTP(secret).provisioning_uri(name=email, issuer_name='YourApp')

def verify_otp(secret, otp):
    # verify user's one-time password entry with their shared secret
    totp = pyotp.TOTP(secret)
    return totp.verify(otp)

Extras

Brian:

Michael:

Joke: Beginner problems