...

what we think

Blog

Keep up with our latest news, tech advancements, and articles contributed by our staff. You will discover our official announcements, exciting events, technological insight, and our staff voice.
TECH

January 17, 2025

The History and Popularity of Programming Languages over the Last 40 Years

In our last article “Most popular programming languages in 2024”, we dived into the platform TIOBE and its latest data in relation to the most popular programming languages. We discovered that Python had attracted overwhelming popularity in 2024 because of the exploding demand for AI and data science. Besides Python well-known languages such as C++, C#, Java and JavaScript have maintained their strong positions in the programming language rankings of 2024, proving their long-term popularity.

Today, we will once again draw on index data from TIOBE. This time we will present an overview of shift in programming language popularity over the past 40 years. From 1984 until 2024 to gain a deeper understanding of the historical trajectory of these programming languages. We believe this article is important to understand vital technological milestones that been a big part of shaping the digital landscape as we see it today.

TIOBE Index

The TIOBE Index is one of the most recognized platforms globally for understanding programming languages and their popularity. It has been trusted and relied upon by developers, businesses, and researchers for many decades. To get a fuller insight into the TIOBE Index, its gauges, and why it still commands such respect within its sectors, we suggest that you refer to the in-depth overview enlisted in the link below.

Most popular programming languages in 2024

 

The History and Popularity of Programming Languages over the Last 40 Years

In this section, we will go deeper into how programming languages have developed in popularity over the past 40 years. We will look at the period from 1984 up until 2024 as reflected by the TIOBE Index.

 

Programming Language Popularity Ranking from 1984 to 2024

Programming Language Popularity Ranking from 1984 to 2024

 

Programming Language

1984

1989

1994

1999

2004

2009

2014

2019

2024

Python

-

-

23

24

7

7

7

3

1

C++

13

2

2

2

3

3

4

4

2

C

1

1

1

1

1

2

1

2

3

Java

-

-

-

3

2

1

2

1

4

C#

-

-

-

13

9

6

5

6

5

JavaScript

-

-

-

10

10

9

8

7

6

Go

-

-

-

-

-

-

35

18

7

Visual Basic

-

-

-

-

-

-

234

20

8

SQL

-

-

-

-

100

-

-

9

9

Fortran

11

9

5

17

14

25

30

29

10

Ada

3

4

7

12

16

26

32

35

24

Lisp

2

3

6

19

13

17

17

31

30

Objective-C

-

-

-

-

38

27

3

10

35

(Visual) Basic

4

5

3

4

4

5

41

-

-

* Average popularity ranking for the 12 months of each year

* "(Visual) Basic" originally encompassed all Basic dialects, including Visual Basic. Since 2011, after splitting these variants into distinct categories (Visual Basic .NET, Classic Visual Basic, etc.), the major implementation, Visual Basic .NET, is now referred to simply as "Visual Basic."

* SQL, despite its age, was only added to the TIOBE Index in 2018 after it was pointed out to be Turing complete, resulting in a relatively short presence there.

 

1984 would be the year that really mattered for the IT industry and Apple. It was the year when Apple launched the first personal computer called Macintosh, with a graphical user interface (GUI). In its wake, Microsoft rolled out its very first operating system, Windows 1.0, in 1985. This time also marked an era for PCs as we know it today and is symbolic starting point for the 40 years journey.

A broad look at the TIOBE Index trends from 1984 to 2024 reveals that the most popular programming languages have changed dramatically in tandem with available computing resources, evolving software development methodologies, and shifting industry structures.

Back in 1984, the programming language C was dominating. Remarkably, even after four decades, C still ranks near the top of the programming language ranking in 2024. However, Python has now ascended to become the undisputed leader among today’s most popular programming languages.

This long-term trajectory underscores a fundamental pattern: a steady shift from low-level to high-level languages, and eventually toward specialized languages thriving in cutting-edge domains.

Next, let's take a look at the changes of popular programming languages in each decade from the 1980s to the 2020s.

 

1980s–1990s: The Era of C, Fortran, Lisp, and Ada

Since 1984, the programming language C has proved its importance and efficiency at a time where limited capabilities and resources were available. Meanwhile, languages like Lisp, Ada, and Fortran rose to prominence, particularly in scientific computing and embedded systems. These languages served as the cornerstone of computer engineering and computational science at the time. Today, C is still one of the most popular choices for systems programming.

 

2000s: The Ascent of Java and C++

Around the late 1990s and early 2000s, the rise of the Internet and object-oriented programming boosted the popularity of Java and C++. While C remained strong, holding the No.1 spot in 2004 and almost maintaining it in 2009, Java surpassed C to claim the top position in the TIOBE index by 2009. C++ enjoyed strong popularity, placing third in both 2004 and 2009 and claimed its status among the most popular programming languages. Meanwhile, as Windows dominated the PC market, Microsoft’s C# saw increasing growth, climbing to sixth place by 2009.

 

2010s: The Rise of Python

The technologies of data science, AI, and machine learning propelled the 2010s and changed rankings in popular programming languages. Python, ranked seventh in 2014, gushed to third by the TIOBE index by 2019. Its mighty repositories, frameworks, and unmatched versatility in data, AI, and Python scripting all played a big part in this rise.C retained the big number one spot in 2014 and the second place by 2019. During that time, JavaScript became solidified as the de facto front-end development language, whereas Go found its place as a cloud-native. Languages like Objective-C were briefly to spike due to iOS development, soon to yield prominence to the new laurel, Swift.

 

2020s (until mid-2020s): Python’s Unstoppable Lead and the Enduring Legacy Languages

By 2024, Python had firmly established itself as the leading language in the programming language ranking, leaving its nearest competitors far behind. The unrelenting demand for AI, machine learning, and data science propelled Python to become the industry’s “common language,” bridging developers across countless domains. Meanwhile, legacy languages like C++ and C remain popular mainstays, and Java, C#, and JavaScript—pillars of the 2000s and 2010s—continue to command strong positions.
Languages like Fortran, Ada, and Lisp, developed in earlier eras, still play vital roles in niche sectors where their unique capabilities are indispensable. In the 2020s, cutting-edge technologies coexist with these legacy systems, reflecting the rich and diverse landscape of modern programming languages.

 

Conclusion

In the 40 years from 1984 to 2024, as technology has evolved significantly, the computing and business environments have also changed dynamically. Following these changes, various programming languages have risen and fallen.

When hardware resources were a constraint, C, Lisp, Ada, and Fortran were widely used, when the demand for commercial enterprise applications expanded, Java was one of the most popular programming languages. And in the AI era of 2024, Python had firmly claimed the top spot in the programming language ranking.

After 2025, which programming languages will become more popular in the ever-innovating IT ecosystem? It will be important to keep an eye on the ever-changing trends in programming languages.

 

About ISB Vietnam

ISB Vietnam (IVC) is at the forefront of the rapidly changing programming trends and is aligned with an intelligently reliable partnership with a trustworthy company being attuned to this moving technology-based landscape.

As a leading IT outsourcing company with 20 years of experience, we are experts to deliver innovative, high-quality, and cost-effective solutions that exceed the expectation of our partners.

For inquiries or to discuss how we can help make your project a success, don’t hesitate to contact us.

View More
NEWS

December 27, 2024

Celebrating Team Spirit at the JCCH Futsal Tournament

In November 2024, ISB Vietnam company (IVC) had the privilege of participating in the annual Futsal tournament organized by the Japan Chamber of Commerce and Industry in Ho Chi Minh City (JCCH). This event has become a highly anticipated occasion, eagerly awaited by our football club players and enthusiastic supporters across the company.

Despite the early start on that day, both our players and cheering squad showed up bright and early, brimming with energy and excitement.
Immediately after the brief opening ceremony, the stadium heated up with matches. The football field became a vibrant stage where teamwork and determination were vividly on display. It was a remarkable setting to witness the unbreakable bond and fiery passion of our team.

With relentless team spirit and the unwavering support of our fans, our team advanced through the group stage, scoring over 10 fantastic goals. Each goal showcased the exceptional skill and dedication of our players, making every match a thrilling experience for both the team players and supporters.

The day was undoubtedly a resounding success, filled with exciting moments and unforgettable memories. Our team played with our hearts, fueled by a shared love for football. Beyond the excitement of the matches, this event strengthened our team spirit, enhancing cooperative relationships that help us collaborate effectively in daily work.

Congratulations to our incredible team for achieving goals and delivering an outstanding performance. A heartfelt thank you goes to all the supporters who cheered tirelessly and to the event organizers for creating such a meaningful opportunity for us to come together through sports. Special thanks as well to our company’s board of directors for enabling us to take part in this enriching event.

Let’s relive the highlights of this unforgettable day through some snapshots below. We look forward to next year’s tournament and another chance to play, cheer, and celebrate as one united team!

View More
SDGs

December 27, 2024

A Heartwarming Journey Back to SOS Children's Village Go Vap

In December 2024, we had the privilege of revisiting SOS Children's Village Go Vap for a heartwarming charity trip. This visit was more than just an act of giving; it was an opportunity to reconnect, reflect, and witness the positive changes in the lives of the children we care so much about.

As we arrived, we were greeted with smiles that seemed even brighter than before. The children—many of whom we had met on previous visits—looked more grown-up, their eyes shining with joy and hope. Their enthusiasm was contagious, and it was clear that the nurturing environment of SOS Village continued to play a significant role in their development.

Throughout the day, we engaged in meaningful conversations, funny games, shared laughter, and created new memories with the children. Their stories of growth and determination left a lasting impression on us all. It was inspiring to see how much they had achieved in such a short time, thanks to the dedicated care of their SOS mothers and the supportive community around them.

This successful charity trip would not have been possible without the unwavering support of our company’s leadership and our incredible team members. A heartfelt thank you to the management for prioritizing this initiative and ensuring every detail was thoughtfully planned. To our colleagues who contributed time, resources, and effort—your generosity and kindness made this journey truly special. Together, we brought not only material gifts but also the invaluable gift of connection and compassion.

As we left the village, we carried with us a renewed sense of purpose and a commitment to continue supporting these children and their dreams. The visit reminded us of the profound impact we can make when we come together to care for those in need.

Here’s to many more opportunities to spread love and kindness. Thank you once again to everyone who made this day possible. Let’s keep the spirit of giving alive as we look forward to a brighter future for all.

 

View More
TECH

December 19, 2024

Most popular programming languages in 2024

As 2024 comes to an end it is time to look back at an eventful year in the IT landscape. AI is again writing headlines together with other cutting-edge technologies such as cybersecurity, cloud infrastructure and autonomous vehicles. Following these technology trends, there has also been a shift in popular programming languages.

For example, the widely recognized ChatGPT—now virtually synonymous with AI—was primarily developed using Python. This close relationship between programming language popularity and technology trends underscores why it’s essential to monitor which languages are thriving.

To provide a clearer picture, we will in this article share valuable insights from the TIOBE Index, which publishes data on the popularity of programming languages, and why this website is relevant to follow for the latest programming trends in 2024.

TIOBE Index

 

The TIOBE Index

In this section, we will give a short introduction to the TIOBE Index published by TIOBE Software once a month. The index shows the most popular programming languages month by month and has received great acknowledgment from tech communities.
By measuring a given language’s presence across a variety of search engines and technology resources.
In other words, the TIOBE Index tracks the frequency and visibility of each language online. As a result, it offers an objective snapshot of how widely used, referenced, and discussed these languages are worldwide. This makes it an invaluable resource for developers, learners, and businesses evaluating which languages to adopt or invest in.

 

How the TIOBE Index Is Defined

The TIOBE Index evaluates popularity primarily through the number of search hits related to a particular programming language. Data is aggregated from about 25 authoritative sources, including major search engines and platforms like Google, Wikipedia, Bing, Microsoft, SharePoint, eBay, and Amazon.
By using search hits as a proxy for visibility, the index effectively benchmarks how much attention and usage each programming language garners. The TIOBE Index should not be viewed as an indicator of how technically advanced or superior a programming language is. It represents factors such as market trends, developers' interest, educational resources, and support and training from vendors.
Moreover, the methodology behind the TIOBE Index is standardized and consistently applied every month. The systematic way allows one to trace how the popularity of programming languages has changed over time. It offers decent insight into the evolution of the developer ecosystem, showing where the market is today and where it could go in the future.

 

2024 Programming Language Popularity Ranking

Now, it is time to focus on the latest data provided by the TIOBE Index on the most popular programming languages for December 2024. We now take a look at the first 10 programming languages before going on to the full top 50 list.

At the forefront, Python, in first place, stands as the dominant leader with the highest popularity. As of December 2024, Python's popularity rating is to stand at 23.84%, which is many steps ahead of C++ at 10.82% that comes in second place. This supremacy of Python is attributable to its main area of use- AI, machine learning, and data science along with web developing, automation, and infrastructure management.
Its flexibility gives it a status in a larger aspect in the industry.

C++, in second place, maintains a steady rating above 10%. Its enduring popularity comes from its unmatched performance capabilities—essential for system-level development, game engines, and embedded systems. Meanwhile, Java (9.72%) and C (9.10%), occupying the third and fourth spots respectively, remain fundamental workhorses in enterprise systems and mission-critical embedded environments. Their longstanding presence reflects stable, long-term demand across numerous industrial sectors.

In fifth place, C# (4.87%) retains support due to its integration with the .NET ecosystem, Azure services, and game development platforms like Unity. JavaScript (4.61%) stands firmly in sixth place, underscoring its role as the go-to language for front-end web development. With the support of TypeScript and other modern frameworks, JavaScript’s influence shows no signs of waning.

Go (2.17%), ranked seventh, continues to gain traction as a core language for cloud-native services and microservice architectures, leveraging efficient concurrency and a lightweight runtime. SQL (1.99%), in eighth place, remains an unshakable pillar of data-driven enterprises, powering databases and ensuring essential data operations. Visual Basic (1.96%) in ninth place, while older and more niche, still satisfies certain legacy system demands and specialized internal tools. Rounding out the top 10, Fortran (1.79%) persists as a hidden champion in scientific and high-performance computing (HPC) scenarios.

Overall, we see a landscape dominated by Python’s meteoric rise, stable performances from time-tested giants like C/C++/Java, and strong footholds for languages like Go and SQL that excel in specific domains. As we move into 2025, generative AI and cloud-native technologies are set to change which programming languages are most popular. It's important for businesses, developers, and learners to keep up with these trends to stay ahead.

Below is the list of the top 50 programming languages in the 2024 programming language popularity ranking.

 

2024 Programming Language Popularity Ranking TOP50

Ranking Programming Language Ratings
1 Python 23.84%
2 C++ 10.82%
3 Java 9.72%
4 C 9.10%
5 C# 4.87%
6 JavaScript 4.61%
7 Go 2.17%
8 SQL 1.99%
9 Visual Basic 1.96%
10 Fortran 1.79%
11 Delphi/Object Pascal 1.44%
12 PHP 1.39%
13 Scratch 1.33%
14 Rust 1.29%
15 MATLAB 1.09%
16 R 1.05%
17 Assembly language 1.04%
18 Ruby 1.03%
19 COBOL 0.98%
20 Swift 0.98%
21 Lisp 0.97%
22 Prolog 0.90%
23 Kotlin 0.82%
24 Ada 0.72%
25 Classic Visual Basic 0.70%
26 Perl 0.64%
27 Lua 0.64%
28 SAS 0.57%
29 (Visual) FoxPro 0.57%
30 Haskell 0.54%
31 Scala 0.51%
32 Julia 0.50%
33 Dart 0.47%
34 VBScript 0.41%
35 Objective-C 0.38%
36 Transact-SQL 0.37%
37 PowerShell 0.37%
38 Bash 0.33%
39 PL/SQL 0.27%
40 D 0.21%
41 Solidity 0.20%
42 TypeScript 0.20%
43 GAMS 0.20%
44 ABAP 0.19%
45 Awk 0.17%
46 X++ 0.16%
47 RPG 0.15%
48 Elixir 0.15%
49 ML 0.14%
50 Clojure 0.14%

 

2024 Monthly Trends in Programming Language Popularity

Next, let’s examine the monthly rating changes throughout 2024. The year’s TIOBEs index data suggests that programming language popularity evolved significantly along multiple dimensions—ranging from specialized niche demands to the steadfast stability of legacy languages. By analyzing these month-by-month trends, we gain deeper insights into how these languages adapted and surged in response to industry needs.

2024 Monthly Trends in Programming Language Popularity

Programming Language Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
Python 13.97% 15.16% 15.63% 16.41% 16.33% 15.39% 16.12% 18.04% 20.17% 21.90% 22.85% 23.84%
C++ 9.96% 10.53% 10.70% 9.76% 9.53% 10.03% 10.34% 10.04% 10.75% 11.60% 10.64% 10.82%
Java 7.87% 8.88% 8.95% 8.94% 8.69% 8.40% 8.59% 9.16% 9.45% 10.51% 9.60% 9.72%
C 11.44% 10.97% 11.17% 10.21% 9.98% 9.23% 9.48% 9.17% 8.89% 8.38% 9.01% 9.10%
C# 7.16% 7.53% 7.54% 6.77% 6.49% 6.65% 6.72% 6.39% 6.08% 5.62% 4.98% 4.87%
JavaScript 2.77% 3.17% 3.38% 2.89% 3.01% 3.32% 3.79% 3.91% 3.92% 3.54% 3.71% 4.61%
Go 1.38% 1.73% 1.56% 1.85% 1.60% 1.93% 2.19% 2.03% 2.35% 2.02% 2.35% 2.17%
SQL 1.46% 1.82% 1.92% 1.61% 1.44% 1.75% 2.04% 2.21% 1.94% 1.64% 1.94% 1.99%
Visual Basic 1.60% 1.52% 1.42% 1.70% 2.01% 1.66% 2.08% 2.18% 2.70% 2.35% 1.95% 1.96%
Fortran 1.09% 1.40% 1.22% 1.47% 1.24% 1.53% 2.05% 1.79% 1.78% 1.80% 1.97% 1.79%

 

Python: Dominating AI & Data Science

Python’s ascent in 2024 is nothing short of extraordinary. From 13.97% in January to 23.84% in December, the language saw a roughly 10-point surge. Backed by a powerful ecosystem of machine learning frameworks, large language models (LLMs), and comprehensive libraries, Python’s role in AI, data science, and cloud-based development positioned it as the undisputed market leader. Its extensive toolkit, ease of learning, and productivity gains create a virtuous cycle that further cements its standing atop the program language ranking.

 

C++, Java, and C: Evolving Foundations

Occupying the tier right behind Python, C++ (10.82%), Java (9.72%), and C (9.10%) maintained their prominence in 2024. C++ enjoyed stable demand in performance-critical areas such as systems software and embedded development. Java preserved its reputation as a trusted enterprise workhorse, adapting to cloud-native and microservices architectures and reliably holding its share in the high single digits. While C’s share dipped slightly, it remains indispensable for operating systems, firmware, and other low-level applications.

 

C# and JavaScript: Specialized Ecosystems and Mixed Fortunes 

C# dropped from 7.16% to 4.87% over the year, facing competition from Python and rising languages like JavaScript, though it remains important in enterprise software and game development. JavaScript, meanwhile, ended the year strong at 4.61%.

With web applications only growing more complex, JavaScript remains a cornerstone of front-end development. Its synergy with TypeScript and modern frameworks ensures it retains a central role in shaping the user experience on the web.

Overall, the TIOBE Index in 2024 highlights a dynamic, multifaceted ecosystem where established players, emerging challengers, and specialized solutions coexist. From the unstoppable rise of Python to the steady core of C/C++/Java and the evolving fortunes of languages like C# and JavaScript, this year’s data offers a revealing snapshot of the most popular programming languages and the forces that drive their continued transformation.

 

Conclusion

In this article, we've discussed the most recent rankings of programming languages popularity as of December 2024, with data from TIOBE Index. We also analyzed how these rankings and ratings transformed during the year. A view of the trends of 2024 shows that Python, riding high on the waves of the AI and data science revolution, has established itself as the language of our time.

Looking back on the entire year, we see a landscape marked by Python’s dramatic surge, the steady resilience of legacy languages like C, C++, and Java, and the evolving roles of languages like C#, JavaScript, Go, and SQL.
This new environment reflects an industry in constant change, responding to the demands of AI, cloud-native architectures, and specialized domains.
Heading into 2025, the programming landscape continues to evolve, with Python maintaining its dominance, C# facing pressure from competitors, and languages like JavaScript and Go gaining traction. Becoming aware of these trends helps developers, enterprises, and learners alike to adapt to changes in technology while tuning for subsequent innovations coming our way.

For a detailed insight into the popularity of programming languages from 1984 to 2024, as inferred from TIOBE Index, refer to the following article. If you're keen on getting an in-depth perspective on popular programming languages, we highly recommend reading it.

The History and Popularity of Programming Languages over the Last 40 Years

 

About ISB Vietnam

ISB Vietnam (IVC) is at the forefront of the rapidly changing programming trends and is aligned with an intelligently reliable partnership with a trustworthy company being attuned to this moving technology-based landscape. As a leading software development and offshore services provider, we specialize in delivering high-quality and cost-efficient solutions for our partners for the past 20 years.
For any inquiries related to IT Outsourcing Solutions, we are the right partner.
Don’t hesitate to contact us to discuss how we can work together to make your project a success.

View More
TECH

December 7, 2024

CakePHP 4: How to implement authorization.

In the previous sections, I introduced how to create a login feature for a website developed based on the CakePHP framework.

CakePHP 4: How to Create a Login Function.

CakePHP 4: How to Create a Token-Based Login Function.

In this article, I introduce how to implement authorization in an application using the CakePHP framework by utilizing the Authorization plugin.

1, Installation

We install the plugin with composer using the command below:
php composer.phar require "cakephp/authorization:^2.0"
The Authorization plugin integrates with the CakePHP application as both a middleware layer and a component to easily check authorization. In src/Application.php, implement the AuthorizationServiceProviderInterface interface and implement the getAuthorizationService() function as shown below.

class Application extends BaseApplication implements AuthenticationServiceProviderInterface, AuthorizationServiceProviderInterface
{
    /**
    * getAuthenticationService
    * @param ServerRequestInterface $request
    */
   public function getAuthorizationService(ServerRequestInterface $request): AuthorizationServiceInterface
   {
       $resolver = new OrmResolver();
       return new AuthorizationService($resolver);
   }
}

In the bootstrap() function, add the plugin as shown below:

/**
* Load all the application configuration and bootstrap logic.
*
* @return void
*/
public function bootstrap(): void
{
    // Call parent to load bootstrap from files.
    parent::bootstrap();

    // …

    // Load more plugins here
    $this->addPlugin('Authentication');
    $this->addPlugin('Authorization');
}

In the middleware() function, add the AuthorizationMiddleware.

/**
* Setup the middleware queue your application will use.
*
* @param \Cake\Http\MiddlewareQueue $middlewareQueue The middleware queue to setup.
* @return \Cake\Http\MiddlewareQueue The updated middleware queue.
*/
public function middleware(MiddlewareQueue $middlewareQueue): MiddlewareQueue
{
    $middlewareQueue
    // …
    ->add(new BodyParserMiddleware())

    ->add(new AuthenticationMiddleware($this))
    ->add(new AuthorizationMiddleware($this));

    return $middlewareQueue;
}

In src/Controller/AppController.php, load the Authorization component in the initialize() function.

class AppController extends Controller
{
    /**
    * Initialization hook method.
    *
    * Use this method to add common initialization code like loading components.
    *
    * e.g. `$this->loadComponent('FormProtection');`
    *
    * @return void
    */
    public function initialize(): void
    {
      parent::initialize();
      // …

      $this->loadComponent('Authentication.Authentication');
      $this->loadComponent('Authorization.Authorization', [
          'skipAuthorization' => [
            'login','webLogin', 'logout' // functions do not need to check authorization.
          ]
      ]);
    }
}

 

2, Policies.

Policies are classes that resolve permissions for a given object. These classes will be stored in the src/Policy directory. We can generate a policy class for an entity or table using CakePHP's bake.

# Create an entity policy
bin/cake bake policy --type entity Article

# Create a table policy
bin/cake bake policy --type table Articles

3, Implement.

In this article, I will implement API authorization requirements in the table below using policy.

Title endpoints remark
Update an Article (PUT) /api/articles/{id}.json Can only be used by authenticated article writer users.
See like count on an article(GET) /api/articles/{article_id}/likes.json All users can see like count on an article.

 

For the API Update an Article (PUT), can only be used by authenticated article writer users. We check if the logged-in user is the owner of the article to determine the edit permissions.

class ArticlePolicy
{
    // …

    /**
    * Check if $user can edit Article
    *
    * @param \Authorization\IdentityInterface $user The user.
    * @param \App\Model\Entity\Article $article
    * @return bool
    */
    public function canEdit(IdentityInterface $user, Article $article): Result
    {
      $isAuthor = $this->isAuthor($user, $article);
      if ($isAuthor) {
          return new Result(true);
      }
      return new Result(false, 'Permission denied');
    }

    protected function isAuthor(IdentityInterface $user, Article $article)
    {
      return $user->getIdentifier() === $article->user_id;
    }

}

For the API See like count on an article(GET), all users can see like count on an article. In the LikePolicy class, the canView() function returns true so that all users can see the number of likes on the article.

/**
* Likes policy
*/
class LikesPolicy
{
    /**
    * Check if $user can view Likes
    *
    * @param \Authorization\IdentityInterface $user The user.
    * @param \App\Model\Entity\Likes $likes
    * @return bool
    */
    public function canView(IdentityInterface $user, Likes $likes)
    {
      return true;
    }
}

4, Testing.

For the API Update an Article (PUT), update the article with the user as the owner.

For the API Update an Article (PUT), update the article with a user who is not the owner. The expected result is that the article will not be updated.

For the API See like count on an article(GET), check with a user who is not logged in.

For the API See like count on an article(GET), check with a logged-in user who is not the owner.

You can find the complete source code at: https://github.com/ivc-phampbt/cakephp-authentication

Conclusion

I hope this article helps you understand how CakePHP integrates with the Authorization plugin to implement authorization and can be applied to projects related to CakePHP.

References

https://book.cakephp.org/authorization/2/en/index.html

https://www.rockersinfo.com/php-frameworks/cakephp-development-company/ [Image]

View More
TECH

December 7, 2024

Introduction About SOAP API

SOAP (Simple Object Access Protocol) is a protocol used to exchange structured information between systems over a network. It is based on XML and provides a way for applications to communicate using standard messaging formats. SOAP was designed with a focus on reliability, security, and extensibility, making it an excellent choice for enterprise-level applications. Despite being older than other web service protocols like REST, SOAP is still widely used in critical systems that require robust features.

What is SOAP?

SOAP is a protocol that defines a set of rules for structuring messages and allows communication between applications over different platforms and programming languages. A SOAP message is always an XML document, and it follows a strict structure that includes an envelope, header, body, and optionally, a fault element for error handling.

Key components of a SOAP message:

  • Envelope: The outermost part of the message, which contains all other elements.
  • Header: Contains metadata, such as authentication or routing information.
  • Body: The main content of the message, where the actual data is stored.
  • Fault: A part of the message for reporting errors, useful for debugging and issue resolution.

SOAP can work over various transport protocols like HTTP, SMTP, or JMS, and it is known for its reliability and security features, making it suitable for complex, transactional, and high-security applications.

When to use SOAP?

SOAP is particularly suited for scenarios that require high levels of security, reliability, and formal contracts between client and server. Here are some specific cases when SOAP is the ideal choice:

  1.  Enterprise Systems: SOAP is perfect for large-scale, mission-critical applications in industries such as banking, finance, or healthcare, where security and data integrity are essential. For example, SOAP is often used in payment processing systems, where transactions must be secure, reliable, and auditable.
  2. Transactional Systems: SOAP supports ACID (Atomicity, Consistency, Isolation, Durability) properties, making it ideal for applications that require guaranteed message delivery, such as financial transactions, stock trading systems, and order processing systems.
  3. Systems with Complex Security Requirements: SOAP has built-in security standards like WS-Security for message encryption, integrity, and authentication. This makes it suitable for applications in sectors such as government, healthcare, or defense, where data confidentiality and security are paramount. For example, SOAP is used in systems where encrypted communication is needed for the transmission of sensitive data.

Advantages of SOAP

  • High Security: SOAP supports WS-Security, which includes features like encryption, authentication, and message integrity, making it ideal for sensitive data transmission.
  • Reliability: SOAP supports WS-ReliableMessaging, ensuring that messages are delivered reliably, even in the event of network failure.
  • Extensibility: SOAP is highly extensible, allowing developers to build additional features such as transaction management, security, and messaging patterns.
  • Error Handling: SOAP has a built-in error-handling mechanism through the <fault> element, making it easier to identify and resolve issues in communication.
  • Formal Contracts: SOAP services are often described using WSDL (Web Services Description Language), which defines the service's structure and operations, ensuring that both the client and server understand the contract.

Disadvantages of SOAP

  • Complexity: SOAP messages are verbose due to their XML-based format, making them more complex and harder to work with compared to simpler protocols like REST.
  • Performance: The XML format adds overhead, making SOAP less efficient than other protocols, especially when large volumes of data need to be transferred.
  • Limited Flexibility: SOAP is rigid in its structure and requires developers to adhere to its strict rules, making it less flexible compared to REST, which is more lightweight and adaptable.

Comparing SOAP with REST

To better understand the differences between SOAP and REST, here is a quick comparison in a table format:

Feature SOAP REST
Protocol vs. Style

SOAP is a protocol with strict rules

REST is an architectural style, not a protocol

Data Format

XML

Typically JSON (but can also be XML)

Security

Built-in security (WS-Security)

Relies on HTTPS for security

Error Handling

Detailed error handling with <fault> element

Custom error messages via HTTP status codes

Performance

Slower due to XML overhead

Faster and more efficient with JSON

Stateful/Stateless

Can be stateful or stateless

Stateless by design

Ease of Use

More complex and harder to implement

Simpler to implement and easier to use

Use Case

Enterprise systems, financial transactions, healthcare

Web and mobile applications, lightweight services

 

Demo Example: SOAP Request for Weather Service

<?php
    $wsdl = "http://www.webserviceX.NET/WeatherService.asmx?WSDL";

    $client = new SoapClient($wsdl);

    $params = array(
        'CityName' => 'Ho Chi Minh',
        'CountryName' => 'Viet Nam'
    );

    try {
        $response = $client->__soapCall('GetWeather', array($params));

        echo "Weather Information: ";
        var_dump($response);
    } catch (SoapFault $e) {
        echo "Error: " . $e->getMessage();
    }
?>

 

Conclusion

SOAP remains a powerful option for applications that require robust security, reliability, and compliance with strict standards. Its use in industries such as finance, healthcare, and government proves its importance in scenarios where data integrity, encryption, and transaction management are essential.

 

References

View More
TECH

December 4, 2024

Some tips for jQuery performance improvement

jQuery is a popular Javascript library that developers often use for client-side development. Improving performance when working with jQuery involves understanding its best practices and optimizing your code for efficiency. Here are some tips along with sample code snippets to illustrate:

  1. Cache jQuery Objects:

    Instead of repeatedly querying the DOM for the same elements, cache them in variables.

    For example:

    $('.myElement').css('color', 'red');

    $('.myElement').addClass('highlight');

    Should be changed to:

    var $myElements = $('.myElement');

    $myElements.css('color', 'red');

    $myElements.addClass('highlight');

  2. Using Chaining

    When a DOM element undergoes a change, it allows for the chaining of similar object references into groups for execution. This enables the reuse of existing jQuery objects, eliminating the need for repetitive creation, improve performance.

    For example:

    $('#myContents').addClass('active');

    $('#myContents').css('border', '1px solid');

    $('#myContents').css('background-color', 'red');

    Should be changed to:

    $('#myContents').addClass('active').css('border', '1px solid').('background-color', 'red');

  3. Use Efficient Selectors

    jQuery selectors can be slow, especially complex ones. Use efficient selectors like IDs or classes with a tag name.

    For example:

    $('ul li[data-category="books"]:first-child');

    Should be changed to:

    $('#books-list li:first-child');
  4. Event Delegation

    Use event delegation for handling events on dynamically added elements. Attach event listeners to a parent container rather than individual elements.

    For example:

    $('.list-item').click(function() {
    // Handle click event
    });

    Should be changed to:

    $('.list-container').on('click', '.list-item', function() {
    // Handle click event
    });
  5. Use .on() instead of Shortcut Methods

    $.on() is more versatile and performs better than shortcut methods like .click(), .hover(), etc., especially when binding multiple events.

    For example:

    $('.button').click(function() {
    // Click handler
    });

    Should be changed to:

    $('.button').on('click', function() {
    // Click handler
    });
  6. Use .prop() for Boolean Attributes

    When dealing with boolean attributes like checked, use .prop() instead of .attr() for better performance.

    For example:

    $('input[type="checkbox"]').attr('checked', true);

    Should be changed to:

    $('input[type="checkbox"]').prop('checked', true);
  7. Minimize DOM Access in Loops

    If you're iterating over a collection of elements, cache your selections outside the loop to avoid repeated DOM queries.

    For example:

    $('.list-item').each(function() {
    $(this).addClass('processed');
    });

    Should be changed to:

    var $listItems = $('.list-item');
    $listItems.each(function() {
    $(this).addClass('processed');
    });

    By following these tips, you can significantly improve the performance of your jQuery code, making it faster and more efficient. Hope this helps!

    References:

    https://jquery.com/

    https://stackoverflow.com/questions/30672695/how-to-optimize-jquery-performance-in-general

    https://stackoverflow.com/questions/30672695/how-to-optimize-jquery-performance-in-general

    Image source: https://www.freepik.com/free-photo/html-css-collage-concept-with-person_36295465.htm

View More
TECH

December 4, 2024

Mocking Service Worker: API mocking library for Front-end development

A Mocking Service is a tool or technique used in front-end development to simulate back-end services during the development or testing phases. Instead of relying on actual APIs, a mocking service mimics the behavior of a real server by providing predefined responses to API requests. It allows front-end developers to work independently from back-end development. Even if the back-end API is not ready, front-end teams can continue building and testing their features using mock data.

View More
TECH

December 4, 2024

CakePHP 4: How to Create a Token-Based Login Function.

In the article on [CakePHP 4: How to Create a Login Function]. I have guided on how to create a login function using a web interface by combining Session and Cookie. In this article, I will guide you on how to create a token-based login and authentication function.

The steps to install the Authentication 2.0 plugin, create a controller, model, etc., have been guided in the article [CakePHP 4: How to Create a Login Function]. If you haven't read it, you can refer to the article at https://isb-vietnam.com.vn/cakephp-4-how-to-create-a-login-function/.

1, Understand Token-Based Authentication.

To understand how the login function works, you can see the diagram below:

In a token-based application, The server will create a JWT and send the JWT back to the client when the user logs in. In subsequent requests, the client will send requests to the server with the JWT included in the header. The server will check if the JWT is valid to respond.

2, Implement JWT in CakePHP 4.

By default the JwtAuthenticator uses HS256 symmetric key algorithm and uses the value of Cake\Utility\Security::salt() as encryption key. For enhanced security one can instead use the RS256 asymmetric key algorithm.

Create encryption key.

# generate private key

openssl genrsa -out config/jwt.key 1024

# generate public key

openssl rsa -in config/jwt.key -outform PEM -pubout -out config/jwt.pem

The jwt.key file is the private key and should be kept safe. The jwt.pem file is the public key. This file should be used when you need to verify tokens created by external applications, eg: mobile apps.

Implement.

In src/Application.php, change the source code to identify the user based on the subject of the token by using JwtSubject identifier, and configures the Authenticator to use public key for token verification.

public function getAuthenticationService(ServerRequestInterface $request): AuthenticationServiceInterface

{

$service = new AuthenticationService([

           'unauthenticatedRedirect' => Router::url('/login'),

           'queryParam' => 'redirect',

       ]);

//…

$service->loadIdentifier('Authentication.JwtSubject');

$service->loadAuthenticator('Authentication.Jwt', [

           'header' => 'Authorization',

           'secretKey' => file_get_contents(CONFIG . 'jwt.pem'),

           'algorithm' => 'RS256',

           'returnPayload' => false

       ]);

  return $service;

   }

In UsersController.php, create a login function as below.

public function login()

   {

       if ($this->request->is('post')) {

           $result = $this->Authentication->getResult();

           if ($result->isValid()) {

               $privateKey = file_get_contents(CONFIG . 'jwt.key');

               $user = $result->getData();

               $payload = [

                   'iss' => 'myapp',

                   'sub' => $user->id,

                   'exp' => time() + 3600, // 1 hour

               ];

               $json = [

                   'token' => JWT::encode($payload, $privateKey, 'RS256'),

               ];

           } else {

               $this->response = $this->response->withStatus(401);

               $json = [

                   "message" => __('The Username or Password is Incorrect')

               ];

           }

           $this->RequestHandler->renderAs($this, 'json');

           $this->response->withType('application/json');

 

           $this->set(['json' => $json]);

           $this->viewBuilder()->setOption('serialize', 'json');

       } else {

           throw new NotFoundException();

       }

   }

Testing.

We create APIs to verify the token-based login function with the rules as shown in the table below:

Title endpoints remark
Retrieve All Articles (GET) /api/articles.json Can only be used by all users.
Users can see information about articles and the total number of likes for each article.
Create an Article (POST) /api/articles.json Can only be used by authenticated users.

 

Perform login testing using Postman. In case of a successful login, a token will be returned.

 

Call API Retrieve All Articles (GET), Can only be used by all users.

Call API Create an Article (POST), can only be used by authenticated users.

The result is returned successfully with the token attached in the header.

The result is returned unsuccessfully because the token is not attached in the header.

You can find the complete source code at: https://github.com/ivc-phampbt/cakephp-authentication

Conclusion

In this article, I introduced a new login method called Token-Based Authentication and how web applications authenticate using tokens. I hope this article provides knowledge to help you build token-based login features more easily.

References

View More
TECH

December 1, 2024

Web Programming Series - Cypress - E2E Testing Tool

In the web development field, delivering bug-free user experience is critical.
So, Testing has become an integral part of the development lifecycle, ensuring the stability and reliability of applications before releases.
One tool that developers and testers usually trust is Cypress.
In this blog, we’ll explore what Cypress is, why it stands out in the testing landscape, and how to get started with this tool.
 

View More
1 2 3 4 25
Let's talk about your project! CONTACT US


At ISB Vietnam, we believe in making a positive difference to our clients through our software development outsourcing services.

As a prestigious offshore software development company in Vietnam, we've been providing top-notch solutions to numerous clients for over two decades since 2003.

Add the attachment *Up to 10MB