...popular authentication libraries like clearance or devise for this task. Learn Read the article Rails Authentication from Scratch You don't need to do write any code, but you should...
...you have access to the database? Can you sign out a user using the Rails console? If someone can read our network traffic, can he see a user's password...
...into a database console, run SET GLOBAL query_cache_type=OFF; and restart your rails server. You can also disable the cache on a per query basis by saying
...SQL_NO_CACHE * FROM ... You also probably want to disable Rails internal (per-request) cache. For this, wrap your code with a call to ActiveRecord::Base.uncached. For example, as an...
expect(time1).to eq(time2) end Note for users of #end_of_day Rails extends Time with a method #end_of_day which returns the latest possible Time on...
...command line flag when opening an IRB: irb --nomultiline This also works on modern Rails when using rails console like so: rails console -- --nomultiline Option 2: Disable by default
From Exploring ES6: Module imports are hoisted (internally moved to the beginning of the current scope). Therefore, it doesn’t...
...ein User ungefiltertes HTML in die Webseite einfügen kann. Danke für den interessanten Beitrag! alert('you have been hacked') Rails löst das Problem weitgehend, aber Programmierfehler weiter möglich manchmal Sicherheitslücken in Gems oder Rails
background-color: blue; } = javascript_tag nonce: true do :plain window.addEventListener('load', () => { ... }); CSP mit Rails Demo Konfiguration via config/initializer/content_security_policy.rb Überschreiben in einzelnen Controllern Nonce-Support für javascript_tag
...If you trigger a COUNT query for an association of an an unsaved record, Rails will try to load all children where the foreign key IS NULL. This is not...
...MySQL or PostgreSQL. Implementation examples are for the ActiveRecord ORM used with Ruby on Rails, but the techniques can be implemented in any language or framework. We will be using...
YOUR QUERY\G; \x on Further reading How to setup Ruby on Rails with PostgreSQL Connect to a Rails database with bin/rails dbconsole -p...
...ids on an ActiveRecord scope to pluck all the ids of the relation: # Modern Rails User.where("users.name LIKE 'Foo Bar'").ids # Rails 3.2+ equivalent User.where("users.name LIKE 'Foo Bar'").pluck...
# Edge rider equivalent for Rails 2+ User.where("users.name LIKE 'Foo Bar'").collect_ids
Rails' Strong Parameters enable you to allow only specific values from request params to e.g. avoid mass assignment. Usually, you say something like params.permit(:email, :password) and any extra parameters...
There are multiple ways to redirect URLs to a different URL in Rails, and they differ in small but important nuances. Imagine you want to redirect the following url...
When deploying Rails applications you might have noticed that JS and CSS are not cached by all browsers. In order to force Apache to add expiry dates to its response...
...when I change a file? Changed stylesheets and javascripts will always be reloaded because Rails appends a screen.css?1234567 timestamp to the paths. Background images referred to from the CSS...
In Ruby on Rails ActiveRecord::Relation#merge overwrites existing conditions on the same column. This may cause the relation to select more records than expected: authorized_users = User.where(id...
end But how to solve the uniqueness problem? Another day, another undocumented Rails feature! This time, it’s that ActiveRecord::Base.connection.add_index supports an undocumented option to pass...
(excerpt from: Fancy Postgres indexes with ActiveRecord) So regarding to the cited site Rails 5+ allows me to use an SQL statement in my index: t.index 'shop_id, lower...
...collectiveidea.com/blog/archives/2012/01/27/testing-file-downloads-with-capybara-and-chromedriver module DownloadHelpers TIMEOUT = 10 module_function def download_path download_path = Rails.root.join("tmp/test_downloads#{ENV['TEST_ENV_NUMBER']}") FileUtils.mkdir_p(download_path) download_path end def clear_downloads FileUtils.rm...
...after_logout idp_sign_out] end Unsafe redirect when trying to log out Since Rails 7 you need to pass allow_other_host: true to redirect_to to allow a...
When your JavaScript bundle is so massive that you cannot load it all up front, I would recommend to load...
...when your application uses time zones. Background A time-zoned Time attribute on a Rails record is converted to UTC using to_s(:db) to be stored, and converted back...
Quick reference for passing data from Rails to JavaScript via Unpoly compilers. Haml Attribute Syntax # Ising hash rockets and string symbols (method calls) = form.text_field :name, 'date-picker': true
...several gems that help to you do that, like Sidekiq or Resque. With newer Rails you can also use ActiveJob as interface for a background processing library. See here for...
end and a features/support/active_job.rb with: # Jobs should be worked off immediately in tests Rails.application.config.active_job.queue_adapter = :inline
If you run a Rails app that is using Turbo, you might observe that your integration tests are unstable depending on the load of your machine. We have a card...
...This could be your (very careless) controller method: def generated send_file File.join(Rails.root, 'shared', 'invoices', params[:number]) end This allows your users not only to access those files but...
...directory of the files as the first parameter, like so: send_file_inside File.join(Rails.root, 'shared', 'invoices'), params[:number] Do not use only Rails.root -- this would allow access to config/environment.rb...
...version "3.4.0" resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.4.0.tgz#8de513fa0fa4b2c7d2e48a530e26f0596936efdf" integrity sha512-ggRCXln9zEqv6OqAGXFEcshF5dSBvCkzj6Gm2gzuR5fWawaX8t7cxKVkkygKODrDAzKdoYw3l/e3pm3vlT4IbQ== package.json { "dependencies": { "@rails/webpacker": "4.x", "bootstrap-datepicker": "1.8.0", # the package says it needs "jquery": ">=1.7.1 <4.0.0" as a dependency
...node_modules/jquery node_modules/bootstrap-datepicker/node_modules/jquery Actual issue Within the Rails Webpacker config we now provide a jQuery object to boostrap-datepicker: config/webpack/environment.js environment.plugins.prepend( 'Provide', new webpack.ProvidePlugin({ $: 'jquery', jQuery: 'jquery', 'window.jQuery': 'jquery...