The simplest thing that could possibly work…
This is one of the battle cries of the agile software movement. Agile is so prolific these days that I feel we’re loosing sight of the basics sometimes. My team at work just did a trial of a popular SCRUM tool and when faced with the prospect of migrating back to the corporate standard, they elected to stay with post-it’s, index cards and spreadsheets to manage their project. It’s working well.
But I digress. While implementing the Android application portion of our product, I find myself falling into a common trap for technical types. Specifically, as I’m working on a feature, class, view or some other major component of the application I keep trying to make it feature complete and fully bulletproof the first time. I know my partner falls into the same trap, but more focused on the aesthetics of the web interface. These things are critically important, but not now. We’re learning new technologies and it’s better to get these things out with limited functionality than to keep them in the incubator forever. I’ve probably lost a good day or two because I wanted our corporate logo displayed on a silly splash screen. What I should have been doing is focusing on the authentication logic and getting the application so it can login and exchange data with our Rails application.
So, in terms of login to our rails app, what is the simplest thing that could possibly work?
- A text field for name and password and a login button.
- An HTTP post to the Rails app with that data in cleartext.
- Parsing the response for success or failure.
Is that industrial strength? Absolutely not! But it is enough to get something deployed and working. You can add MD5 hashing, masking of the password fields, secure authentication, cookies, etc. later. So, as you do your development make sure you decompose things into the simplest thing that could possibly work. In this example, start with dumb unencrypted login with a user name and password. Next iteration, add masking of the password. Then, hash the password for security. Next add protection for cross site scripting vulnerabilities. Before you know it, you’re there…
A journey of a thousand miles begins with a single step. Lao-tzu 604-531 BC. I guess he was an agile software developer.
The Business is Pleasure blog has some more thoughts on keeping it simple…