author photo

Articles by Diogo Souza

Diogo is a more of an explorer than a programmer. Most of the best discoveries are made prior to the code itself. if free_time > 0 read() draw() eat() end

 

Security Risks On Rails: Misconfiguration and Unsafe Integrations

In the third and final article of our series on the OWASP Top 10 Web Application Security Risks, we’ll explore the lesser-known risks associated with the development of web applications on Rails when it comes to threats involving security misconfiguration, JSON escaping, etc.

Understanding and implementing OAuth2 In Node.js

OAuth2 is everywhere. From "Login With Facebook" buttons to back-end API authentication. But how does it work? In this article, Diogo Souza will give us a gentle introduction to the big concepts behind OAuth2, then walk us through implementing it in Node.js.

Rails Security Threats: Authentication

Authentication is at the heart of most web development, yet it is difficult to get right. In this article, Diogo Souza discusses common security problems with authentication systems and how you can resolve them. Even if you never build an authentication system from scratch (you shouldn't), understanding these security concerns will help you make sure whatever authentication system you use is doing its job.

Rails Security Threats: Injections

One of the best things about Rails is that it protects your app from a wide variety of injection attacks with minimal development effort. But we're never 100% safe. After all, Rails can't protect us from our own bad decisions. We need to understand the threats so we know when we can lean on Rails and when we can't. In this article, Diogo Souza introduces us to the OWASP Top 10 list of vulnerabilities and dives into injection vulnerabilities to show us how rails protects us against them and how we can protect ourselves.

Which is fastest? ERB vs. HAML vs. Slim

A fast app means happy users. The speed that your pages render depends on which templating system you use. In this article, Diogo Souza puts the three most popular Ruby templating engines to the test to see which is fastest. In the process, he shows us how to construct benchmarks and do our own investigations into performance.

Logging in Ruby with Logger and Lograge

Logging is tricky. You want logs to include enough detail to be useful, but not so much that you're drowning in noise - or violating regulations like GDPR. In this article, Diogo Souza introduces us to Ruby's logging system and the LogRage gem. He shows us how to create custom logs, output the logs in formats like JSON, and reduce the verbosity of default Rails logs.

Understanding and Implementing OAuth2 in Ruby

Let me know if this feels familiar. Your users want to "login with GitHub," so you install a gem, follow the setup instructions, then pray it never needs maintenance because you have no real idea how OAuth2 works. Let's fix that. In this article, Diogo Souza shows us the fundamental concepts behind OAuth2 and how to implement them using Devise and Doorkeeper.

Get the Honeybadger Newsletter

Join our community of kick-ass developers as we learn engineering, DevOps, and cloud architecture.

    We'll never spam you; we will send you cool stuff like exclusive content, memes, and swag.

    An advertisement for Honeybadger that reads 'Move fast and fix things.'

    "This was the easiest signup experience I've ever had. Amazing work." — Andrew McGrath

    Get started for free
    Simple 5-minute setup — No credit card required
    Honeybadger's logo: a lightening bolt inside of a diamond shape.
    Product
    Stacks
    Company
    Resources
    Switching to Honeybadger