#AI Image Recognition with #CoreML and #Swift

April 15, 2018 Leave a comment

1ad4da1c-dbcc-4720-baea-3c9c00a9a443

Being able to recognise a object from an image is a super-easy thing to do, for humans, but for machines, it’s really difficult. But with Apple’s new CoreML framework it’s now possible to do this on-device, even when offline. The trick is to download InceptionV3 from Apple’s machine learning website, and import this file into your app. With this pre-trained neural network, it can recognise thousands of everyday objects from a photo.

This code is adapted from the London App Brewery’s excellent course on Swift, from Udemy, and the complete source code is available on Github here ; https://github.com/infiniteloopltd/SeaFood

Here’s the code

import UIKit
import CoreML
import Vision

class ViewController: UIViewController, UIImagePickerControllerDelegate, UINavigationControllerDelegate {

    @IBOutlet weak var imageView: UIImageView!
    
    let imagePicker = UIImagePickerController()
    
    
    override func viewDidLoad() {
        super.viewDidLoad()
        imagePicker.delegate = self
        imagePicker.sourceType = .camera
        imagePicker.allowsEditing = false
    }
    
    func imagePickerController(_ picker: UIImagePickerController, didFinishPickingMediaWithInfo info: [String : Any]) {
    
        let userPickedimage = info[UIImagePickerControllerOriginalImage] as? UIImage
        imageView.image = userPickedimage
        guard let ciImage = CIImage(image: userPickedimage!) else
        {
            fatalError("failed to create ciImage")
        }
        
        imagePicker.dismiss(animated: true) {
            self.detect(image: ciImage)
        }
    }
    
    func detect(image : CIImage)
    {
        guard let model = try? VNCoreMLModel(for: Inceptionv3().model) else
        {
            fatalError("Failed to covert ML model")
        }
        
        let request = VNCoreMLRequest(model: model) { (request, error) in
            guard let results = request.results as? [VNClassificationObservation] else
            {
                fatalError("Failed to cast to VNClassificationObservation")
            }
            
            print(results)
            
           
            self.ShowMessage(title: "I see a...", message: results[0].identifier, controller: self)
        }
        
        let handler = VNImageRequestHandler(ciImage: image)
        do
        {
            try handler.perform([request])
        }
        catch
        {
            print("\(error)")
        }
        
    }
    
    func ShowMessage(title: String, message : String, controller : UIViewController)
    {
        let cancelText = NSLocalizedString("Cancel", comment: "")
        
        let alertController = UIAlertController(title: title, message: message, preferredStyle: .alert)
        
        let cancelAction = UIAlertAction(title: cancelText, style: .cancel, handler: nil)
        
        alertController.addAction(cancelAction)
        
        controller.present(alertController, animated: true, completion: nil)
    }

    @IBAction func cameraTapped(_ sender: UIBarButtonItem) {
        self.present(imagePicker, animated: true, completion: nil)
    }
    
}

Advertisements
Categories: Uncategorized

#3dsecure #VbV #SecureCode handling with @Cardinity in #PHP

April 12, 2018 Leave a comment

3d-secure-1600x900-55.six-image.standard.510

I recently got set up with Cardinity (A PSP), and I was learning their API using their PHP SDK at https://github.com/cardinity/cardinity-sdk-php/

When I moved from test to live, I discovered that the result of my card was not success or failed, but pending – because 3D secure was activated on the card. Otherwise known as Verified by Visa or Mastercard Securecode.

What happens, is that you need to capture the Securecode url by calling

$payment->getAuthorizationInformation()->getUrl()

and the data to be posted in the PaReq parameter by calling

$payment->getAuthorizationInformation()->getData()

You also need to have a TermUrl – i.e. your callback URL, and MD – Which I used for the payment ID parameters set.

Once you get your callback, then you need to pull out the MD and PaRes from the form data, I’ve put them into $MD and $PaRes variables respectively, then you call

require_once __DIR__ . ‘/vendor/autoload.php’;

use Cardinity\Client;
use Cardinity\Method\Payment;

$client = Client::create([
‘consumerKey’ => ‘…’,
‘consumerSecret’ => ‘…’,
]);

$method = new Payment\Finalize($MD,$PaRes);
$payment = $client->call($method);
$serialized = serialize($payment);
echo($serialized);

… And you should get an object like the following back:

{
“id”: “……”,
“amount”: “10.00”,
“currency”: “EUR”,
“created”: “2018-04-12T14:28:40Z”,
“type”: “authorization”,
“live”: true,
“status”: “approved”,
“order_id”: “1234”,
“description”: “test”,
“country”: “GB”,
“payment_method”: “card”,
“payment_instrument”:
{
“card_brand”: “MasterCard”,
“pan”: “….”,
“exp_year”: 2021,
“exp_month”: 9,
“holder”: “Joe Bloggs”
}
}

Once this code is finished up, we will replace the paypal option on AvatarAPI.com to this Cardinity interface

Categories: Uncategorized

Quick #SQL #Performance fix for #slow queries

April 5, 2018 Leave a comment

quick-fix

Adding indexes to speed up slow queries is nothing new, but knowing exactly what index to add is sometimes a bit of a dark art.

This feature was added in SQL server management studio 2008, so it’s not new, but it changed one query that took 10 seconds to run, to run in under a second, so I can’t recomend this feature enough. – The 99.97% increase in the screenshot was real.

How does it work. you just press “Display execution plan” over your slow query, and if the “Missing index hint” appears in green, then apply it!, you just need to change give it a name.

Obviously, you can’t go overboard on applying indexes, since too many of them can lead to slower inserts and updates, and of course more disk space usage.

 

 

Categories: Uncategorized

Understanding #protocols in #swift

March 28, 2018 Leave a comment

doodle-arrow-pointing-left-right-22006717

Protocols are the Swift / Objective C name for Interfaces, as they would be known in .NET , C++ or Java. What they basically say, is that any object that is of this type will definitely handle a particular function call.

A really common thing to do in Swift is to pass data between two viewControllers. When you segue between them, then you get a reference to the destination viewController, and you can call methods and set properties on the destination viewController in order to pass data.

The issue is, that if you dismiss a view Controller, you are no longer seguing – and therefore have no reference to the destination view Controller in order to pass any data.

The trick is on the first view Controller, you set a reference to self (the first view controller) on the second view controller. Then, just before the second view controller dismisses itself, it can call methods and set properties on the reference that was set previously, in order to pass it’s data back.

override func prepare(for segue: UIStoryboardSegue, sender: Any?) {
let dest = segue.destination as! SecondViewController
dest.delegate = self
dest.textPassedViaSegue = “Hello World”
}

Now, this reference (delegate) can be of type FirstViewController, and that’s 100% fine. but you are then making the assumption that the only way to get to the SecondViewController is via the First one,  maybe, you may have a third view controller somewhere? – You are also perhaps exposing too much functionality when it’s not really needed.

So, instead of setting the reference to be of type FirstViewController, you could define a protocol (Interface) as follows;

protocol Callable
{
func calledFromOtherViewController(text : String);
}

And ensure that your first view controller implements this protocol (Interface) like so;

class FirstViewController: UIViewController, Callable {

func calledFromOtherViewController(text : String)
{
print(text)
}

Now, the reference on the Second View Controller can be of type Callable?

// delegate can defined as type FirstViewController
// but this is less flexible, in the case that
// this could be returning to multiple possible view controllers
var delegate : Callable? = nil

To see an example of this in action, you can clone this project on GitHub

https://github.com/infiniteloopltd/Segues

Categories: Uncategorized

Writing #Async code with #Swift

March 28, 2018 Leave a comment

Swift_2

I’ve just started to learn Swift, and I’m going to start posting some coding nuggets that for me, are quite a novel way that the language handles things. Async code is my first post on this language, since it’s really crucial for modern software development.

So, I’m working with the PlayGround, and in order to write code in the playground that does not immediately execute, you need to add two lines:

import PlaygroundSupport

PlaygroundPage.current.needsIndefiniteExecution = true

which means that the Playground may continue executing indefinitely.

Now, lets say we want to write some code that does something after 1 second (without freezing the UI), we would write:

DispatchQueue.global().async
{
sleep(1)
// Do Something
}

Then, if you wanted to wrap this in a function that, does something really simple, like add one to a number, then you would write:

func addOneAsync( input : Int, completion: @escaping (Int) -> Void){
DispatchQueue.global().async
{
sleep(1)
completion(input+1)
}
}

Since the last parameter is a function, it can be called using the following syntax;

addOneAsync(input: 3){ output in
print(output)
}
print(“hello”)

the output is then appears as

hello
4

Note, that the 4 appears after the hello, after 1 second, because the execution was deferred to a background thread. – Obviously, this is a contrived example, since you would never need to delay execution of a simple addition, but imagine you are doing a HTTP request, or a complex database query here.

 

Categories: Uncategorized

#HelloWorld for #Firebase for the web

March 8, 2018 Leave a comment

step1

While creating a demo site, which was purely static HTML page Payhook.co.uk, I decided that it would be worthwhile recording anyone who actually went to register on the website. My usual approach would have been the following

  • Create a SQL server database, with a ‘users’ table
  • Write C# code to insert into the users table
  • Write an ASPX page to receive an Ajax call and call the user insertion function
  • Write Javascript to post the fields to the ASPX page via Ajax.

All that is fine, and arguably more secure than the aproach listed below, but since my motivations were really more to learn about Firebase, let’s put security aside for now.

First, you go and create a Firebase project with Google, and insert the initialisation script in the page, which looks something like the following;

// Initialize Firebase
var config = {
apiKey: “xxxxx-xxxxx”,
authDomain: “xxx-xxx.firebaseapp.com”,
databaseURL: “https://xxxx-xxxx.firebaseio.com”,
projectId: “xxxx-xxxx”,
storageBucket: “”,
messagingSenderId: “xxxxx”
};
firebase.initializeApp(config);

That initialises the Firebase connection, but doesn’t really do much.

Now, the big Gotcha here, is that by default, the Firebase database is locked down, so you cannot read or write to it. Which is useless. Instead, I’m opening the doors right up, which makes it useless for security, but as I said, I’m glossing over that for now.

Press Database > Rules, and use this template;

{
“rules”: {
“.read”: true,
“.write”: true
}
}

Now, I’m going to use the push command to push a user object up to the database server. It’s NoSQL, so I don’t need to define a schema first.

firebase.database().ref().child(‘users’).push({
username: $(“#tbName”).val(),
email: $(“#tbEmail”).val(),
password: $(“#tbPassword”).val()
},
function () {
location.href = “dashboard.html”;
});

Here, tbName, tbEmail, and tbPassword were defined on the page as id’s for their respective text boxes. Also, you probably see that this code requires JQuery to be included and initialised.

The second parameter to push() is the callback, and is used to make sure the data is sent to Google Firebase before the user moves to the next page.

step2

And, to verify that everthing is there, you can log back into Google Firebase, and you can see the data displayed there.

This no-security approach to Firebase is only realy useful for storing data that you don’t care who sees or edits, like simple analytics, and certainly should never be used to store passwords, like this demo. But you should get the idea.

 

Categories: Uncategorized

Integrating #OpenYolo into a existing username/password login

March 6, 2018 Leave a comment

Login

When you first develop a website, everyone starts from the premise that the user creates an account and stores it in your own database, the idea of OAuth logins from Google / Facebook – only come as an afterthought as you start getting more users.

But then you have an issue, you have existing users that are authenticated against your own database, and other users that are going to be authenticated against Google YOLO.

I had the same issue with httpsImage.com where I just added OpenYOLO.

What I did was, when a signin happens with OpenYolo, I pass the response (email, name, token) back to the server. Which records the email address, and a random guid as the password, and returns the user account back to the client.

If the user is already registered, then it looks for a matching email address, and returns that account, without checking the password.

This now opens a serious security hole. If someone fakes the response from OpenYolo and includes an email address of another user, then they can become any user on the system.

This is where token validataion comes in, and it’s really important, since without it, you don’t know if your website is really talking to Google, or a hacker.

Where idToken is in the response from Google’s OpenYolo, now jCredential is as follows;
   {
         "aud": "xxxx.apps.googleusercontent.com",
         "sub": "xxxx",
         "email": "xxx.xxx@gmail.com",
         "email_verified": "true",
         "azp": "xxxx-.apps.googleusercontent.com",
         "exp": "xxx",
         "iss": "https://accounts.google.com",
         "jti": "xxx",
         "iat": "xxx",
         "nbf": "xx",
         "name": "xxx xxxx",
         "picture": "https://lh5.googleusercontent.com/xxxc/photo.jpg",
         "given_name": "xxx",
         "family_name": "xxx",
         "alg": "xxx",
         "kid": "xxxx"
}

Importantly, you can now be sure that the information is definitely from Google, and you should expect the email field to match the email field in the request. Otherwise you should fail silently,  since it’s probably a hacker.

I did find that OpenYolo doesn’t work with IE11, since it uses promises, but hey, you’ve always got your origional login system.

 

Categories: Uncategorized