Starting to build casually.io

Jan 30, 22

While out on my walk yesterday, I realised that I was still struggling to come up with inspiration for what the site should do/be.

However, I knew I wanted to try out some new approaches to structuring an app.

So, the natural thing to do is to just start building and hope inspiration strikes.

With that in mind, I figured I would take the usual approach that most start ups will begin with. A landing page and email subscription be updated when we go live. A noice bit of funneling and lead generation.

It also raises some interesting technical questions that we need to address to get the marketing/landing page production.

  • Spam prevention (inbound and outbound)
  • Email validation
  • Request throtting

I have spent today really just dealing with point 0.5

As we will be hosting the website on the interwebs, it is critical that we don’t get spammed by bots who stumble across the site and send endless requests.

To combat this, we are taking a simple approach called ‘honeypotting’.

Essentially we will create an input form for humans that has two fields: first_name and email_address.

However, we will also add a third, hidden field that has a label in the HTML that reads “please do not fill in if you are human” (just in case a savvy user opens the dev tools).

If the form is submitted to the server and the hidden field has been completed, we will simply assume that the submitter is non-human and will not save the details into the database.

We are leveraging the invisible-captcha gem for this, as it is super easy to setup and appears to be well battle tested (currently has 900+ stars on github)

I have taken a methodical approach so far, utilizing test driven development as much as possibe, to get the little site up and running. Currently I have made it so that all emails are invalid, so no users can sign up.

The next job will be to create a robust email validation process, where we send an email confirmation to the uer with a UID, that can be returned to an endpoint to validate that they would actually like to sign up to the website.

I am using a service object style architecture, which appears to be working well (it’s certainly a lot easier to test).

Once the ‘shape’ of the app has been finalised, I think I will write up a full post to capture the knowledge.

Anyway - here is the landing page… Please feel free to have a fiddle

casually.io