Link
Embed
Share
Beginning
This slide
Copy link URL
Copy link URL
Copy iframe embed code
Copy iframe embed code
Copy javascript embed code
Copy javascript embed code
Share
Tweet
Share
Tweet
Slide 1
Slide 1 text
De meilleurs identifiants grâce au composant Symfony UID
Slide 2
Slide 2 text
Hello :-) Thomas Calvet - fancyweb
Slide 3
Slide 3 text
A “name” that identifies “something”
Slide 4
Slide 4 text
A value that uniquely identifies a resource
Slide 5
Slide 5 text
The resource unicity depends of the perimeter
Slide 6
Slide 6 text
An elementary and essential knowledge for developers
Slide 7
Slide 7 text
Identifiers everywhere
Slide 8
Slide 8 text
What makes a good identifier?
Slide 9
Slide 9 text
Is one identifier format always enough?
Slide 10
Slide 10 text
Functional identifiers vs technical identifiers
Slide 11
Slide 11 text
Integer identifiers
Slide 12
Slide 12 text
Easy to use, to understand, to generate (auto increment) and performant 👍
Slide 13
Slide 13 text
Lexicographically sortable 👍
Slide 14
Slide 14 text
No content
Slide 15
Slide 15 text
Generable only by a central point (database) ⚠
Slide 16
Slide 16 text
Guessable (IDOR) /user/22 ⚠
Slide 17
Slide 17 text
Information leak ⚠
Slide 18
Slide 18 text
Provides no additional context 🤔
Slide 19
Slide 19 text
Random string identifiers
Slide 20
Slide 20 text
Generable offline, not guessable, can be prefixed 👍
Slide 21
Slide 21 text
Probably a little harder to use, to understand, to generate and a little less performant 🤔
Slide 22
Slide 22 text
Data fragmentation / not lexicographically sortable ⚠
Slide 23
Slide 23 text
UUIDs (Universally Unique IDentifiers)
Slide 24
Slide 24 text
3 UUIDs (canonical format)
Slide 25
Slide 25 text
RFC 4122
Slide 26
Slide 26 text
A very very very big integer (128 bits)
Slide 27
Slide 27 text
Theoretically unique because of the number of combinations
Slide 28
Slide 28 text
Identify a UUID version
Slide 29
Slide 29 text
Time based UUIDs (version 1 and 6)
Slide 30
Slide 30 text
Not lexicographically sortable UUID v1
Slide 31
Slide 31 text
MAC address leak UUID v1
Slide 32
Slide 32 text
Lexicographically sortable UUID v6
Slide 33
Slide 33 text
Random node UUID v6
Slide 34
Slide 34 text
Time based UUIDs make good primary keys
Slide 35
Slide 35 text
Timestamp leak ⚠
Slide 36
Slide 36 text
Name based UUIDs (version 3 and 5)
Slide 37
Slide 37 text
Hash of a namespace and a name
Slide 38
Slide 38 text
Reproductible
Slide 39
Slide 39 text
Version 3 = md5 Version 5 = sha1 Prefer version 5
Slide 40
Slide 40 text
Random based UUID (version 4)
Slide 41
Slide 41 text
Only randomness
Slide 42
Slide 42 text
Version 4 UUIDs are good for random values (eg: tokens)
Slide 43
Slide 43 text
Version 2? ⚠
Slide 44
Slide 44 text
ULIDs (Universally unique Lexicographically sortable IDentifiers)
Slide 45
Slide 45 text
A ULID (canonical format)
Slide 46
Slide 46 text
Timestamp (48 bits) Randomness (80 bits) Close to a UUID v6
Slide 47
Slide 47 text
Lexicographically sortable
Slide 48
Slide 48 text
github.com/ulid/spec
Slide 49
Slide 49 text
“Compatible” with UUID
Slide 50
Slide 50 text
UUIDs and ULIDs are generable offline 👍
Slide 51
Slide 51 text
Storing UUIDs and ULIDs ⚠
Slide 52
Slide 52 text
UUIDs and ULIDs sum up 🤔
Slide 53
Slide 53 text
UUIDs vs ULIDs 🤔
Slide 54
Slide 54 text
Integers vs strings vs U[U|L]IDs 🤔
Slide 55
Slide 55 text
Using UUIDs and ULIDs in PHP
Slide 56
Slide 56 text
composer require symfony/uid
Slide 57
Slide 57 text
No content
Slide 58
Slide 58 text
Integrated with other Symfony components
Slide 59
Slide 59 text
Not experimental anymore
Slide 60
Slide 60 text
Factories
Slide 61
Slide 61 text
Commands
Slide 62
Slide 62 text
Generate a UUID / ULID
Slide 63
Slide 63 text
Inspect a UUID / ULID
Slide 64
Slide 64 text
api.video study case
Slide 65
Slide 65 text
2 letters prefix 128 bits of randomness to base 62 A current identifier
Slide 66
Slide 66 text
The same identifiers everywhere
Slide 67
Slide 67 text
User eXperience and database issues
Slide 68
Slide 68 text
A clear prefix A ULID converted to base 58 New functional identifier
Slide 69
Slide 69 text
ULIDs converted to UUID canonical format New technical identifier
Slide 70
Slide 70 text
In the code
Slide 71
Slide 71 text
Transforming new identifiers (video_XXX) to VideoIdentifier
Slide 72
Slide 72 text
No content
Slide 73
Slide 73 text
No content
Slide 74
Slide 74 text
No content
Slide 75
Slide 75 text
Sum up
Slide 76
Slide 76 text
Issues solved vs increased complexity
Slide 77
Slide 77 text
Backward compatibility
Slide 78
Slide 78 text
Many possible solutions
Slide 79
Slide 79 text
Generating new identifiers for all existing resources
Slide 80
Slide 80 text
No content
Slide 81
Slide 81 text
Transforming legacy identifiers (viXXX) to VideoIdentifier
Slide 82
Slide 82 text
No content
Slide 83
Slide 83 text
No content
Slide 84
Slide 84 text
And so many more interesting challenges ;-)
Slide 85
Slide 85 text
Thank you