Rails Tricks
Archive
24 Oct
Ruby on Rails password validation - Rails Tricks Issue 21
This week, I want to cover a common compliance requirement. If you ever went through a PCI, ISO 2007, SOC2, or similar compliance questionnaire, you found the following question in one form or another:
Use sufficiently strong and robust authentication methods to protect authentication credentials from being forged, spoofed, leaked, guessed, or circumvented.
10 Oct
Rack Attack 404 errors and custom response message - Rails Tricks Issue 20
This week I will show you another Rack Attack trick.
But before I get to that, I’d like to let you know that my book is finally done and if you want to learn about how to avoid security issues during code review, you should read it: Secure code review for Rails Developers.
26 Sep
Rails form_with
This week I want to tell you about the form_with Rails helper. It was introduced in Rails 5.1, and the goal of this helper was to unify the form_for and the form_tag helpers. form_for requires a model instance or a scope and puts the attributes into a hash, so usually when you needed a form in the past where you didn’t want to put them scoped into a hash, you used form_tag.
05 Sep
Throttling Rails logins with Rack Attack
Hello!
This week, I will show you how to rate-limit your authentication endpoints with Rack::Attack.
Rack::Attack is a middleware for blocking or throttling requests based on rules. It uses the configured cache store of Rails to store the necessary data, but a separate data store can be configured too.
29 Aug
Dependent Dropdowns with Hotwire - Rails Tricks Issue 17
This week I will show you how to make dependent dropdowns with Hotwire!
I will use a toy app as an example. This app will have a page where addresses can be created. The address will consist of a country, a state, a city, and a postcode. Except for the postcode, we will have a list of options coming from the database and when the user selects the country, we load the states for the selected option. When the user selects the state we will load the cities in that state. Let’s start by generating a Rails app, the necessary models and a scaffold for the address.