Authentication is at the heart of most web development, yet it is difficult to get right. In this article, Diogo Souza discusses common security problems with authentication systems and how you can resolve them. Even if you never build an authentication system from scratch (you shouldn't), understanding these security concerns will help you make sure whatever authentication system you use is doing its job.
In earlier installments of this series, Alex Stoll guided us through creating a lexer and a parser. These translated the human-readable source code into data structures. In this article, he begins work on the interpreter - the bit that actually runs our code!
Ruby's flexibility has always been both its greatest strength and its greatest weakness. You can write amazingly expressive programs. You can also slip and break them in amazingly expressive ways. RBS is a new type annotation system in Ruby 3 that seeks to keep Ruby's flexibility while protecting us from some of its dangers. In this article, Julio Sampaio walks us through RBS. He explains the impact it has on metaprogramming, and he shows us how we can use it to make our own apps more robust.
Ruby lets you express yourself like few other languages, with a minimum of boilerplate. It's fantastic until it isn't. Until one day when you think you're calling the `foo` method you wrote last week, but instead, you end up calling a `foo` method that came with some gem from 2008. In these situations, knowing about Ruby's method lookup rules will save your bacon.
One of the best things about Rails is that it protects your app from a wide variety of injection attacks with minimal development effort. But we're never 100% safe. After all, Rails can't protect us from our own bad decisions. We need to understand the threats so we know when we can lean on Rails and when we can't. In this article, Diogo Souza introduces us to the OWASP Top 10 list of vulnerabilities and dives into injection vulnerabilities to show us how Rails protects us against them and how we can protect ourselves.
To decide on a front-end for your Rails app, you need a feel for the options. Does a certain JS framework speak to you or does it make you feel dirty inside? There's only one way to find out! In this article, Julio Sampaio walks us through creating a React app from scratch and integrating it with a Rails back-end via webpacker.
There are lots of ways to sort data. Insertion sort is particularly interesting because it sorts the data in place and is pretty easy to understand. Of course, most of us just use the `#sort` method. But interviewers still love to ask questions about sorting algorithms and related topics like Big-O notation. In this post, you'll learn not only how insertion sort works but also how to implement it yourself in Ruby.
If you've ever checked the environment in your Rails app with `Rails.env.production?`, you've used a fascinating little utility class called `StringInquirer`. In this post, Jonathan Miles dives into the Rails codebase to show us exactly how `StringInquirer` works and how we can bring a little of its magic to our own apps.
Before you can decide on a front-end for your Rails app, you need a feel for the options. Does a particular JS framework speak to you or does it make you feel dirty inside? There's only one way to find out! In this article, Julio Sampaio walks us through creating an Angular app from scratch and integrating it with a Rails back-end via webpacker.
The fastest web page is one you've already loaded. Browsers love to avoid round-trips by caching assets. And HTTP provides ways for us to tell browsers what's changed and what hasn't - so they make the right decisions. In this article, Jonathan Miles introduces us to HTTP caching and shows us how to implement it in Rails.
A fast app means happy users. The speed that your pages render depends on which templating system you use. In this article, Diogo Souza puts the three most popular Ruby templating engines to the test to see which is fastest. In the process, he shows us how to construct benchmarks and do our own investigations into performance.
As developers, we spend way more time maintaining and changing code than we do writing it. By optimizing for change through SOLID design principles, we can avoid a lot of pain. In this article, Milap Neupane introduces us to SOLID, explains each principle in-depth, and shows us how to apply them in Ruby.
Logging is tricky. You want logs to include enough detail to be useful, but not so much that you're drowning in noise - or violating regulations like GDPR. In this article, Diogo Souza introduces us to Ruby's logging system and the Lograge gem. He shows us how to create custom logs, output the logs in formats like JSON, and reduce the verbosity of default Rails logs.
What makes Rails magical? It just might be its code loader. Put a few files in the right places, and - presto! - you have a web app. When you use a class, Rails handles the include so you can stay focused on your code. But this magic isn't just for Rails! You can add thread-safe code loading to your own apps via the Zeitwerk gem. In this article, Olasubomi introduces us to Zeitwerk and shows us how to integrate it with our own projects.
We don't get to choose our families. Some of us don't even get to choose our databases. What do you do if you have the bad luck to inherit a database with non-unique ids? In this case study, Regan Ryan shows us how his team faced the challenge.
ActiveRecord makes accessing your database easy, but it can also help make it faster by its intelligent use of caching. In this article, Jonathan Miles shows us the tricks that Rails uses to ensure that your database isn't doing more work than it needs to.
For quick, scalable, highly-available web services, few options compare to AWS Lambda. Just provide your code, add a little configuration, and you're done! In this article, Milap Neupane will introduce us to Lambda, show us how to get it working with Ruby and the Serverless Framework, and discuss reasons to use — or to not use! — Lambda in production.
Every Rails app has a breaking point; a level of activity that it simply cannot handle. Your breaking point depends on big architectural decisions, yes — and also on the tiniest changes committed by your most junior developer. That's why it's vital to regularly test your application's performance under load. In this article, Milap Neupane gives us a Rails-centric introduction to load testing with a powerful open-source tool called JMeter.
Many of the concepts you're already familiar with as a web developer are applicable in Go. In this article, Ayooluwa Isaiah shows us how middleware, templating, and other aspects of the Go language work together to create a coherent web-development experience.
You'll probably never implement sorting from scratch. But sorting algorithms are foundational in computer science and have become a standard feature of the ritual hazing...er...interview process for developers at all levels. In this article, Julie Kent introduces us to the merge sort algorithm. She'll show us how it works, implement it in Ruby, and discuss its performance characteristics.