Insecure Direct Object Reference, or IDOR, is an error in the business logic of an application. This category of bugs is very hard to discover during static code analysis or code review. They can’t be mitigated with any kind of additional “magical” security appliance such as next-generation firewalls or web application firewalls. This is a business logic error, made in the design or implementation phase. A webapp with an IDOR makes it possible for any user to access other users' data.
Monoliths are not as popular as they used to be. Today’s applications are split into back-end and front-end with dedicated programmers and servers. This allows us to separate business logic from graphics and increase application performance. But what if your client doesn’t have enough money to build separate applications? Or when an application is too small to split? What if we don’t have enough knowledge of JavaScript frameworks? No problem! The very simple StimulusJS framework in connection with Rails and the dedicated StimulusReflex gem can do awesome things.
In this article, you will learn how to properly authenticate users using login and password credentials and avoid common pitfalls.

Improve Your Services Using Dry-rb Stack

The service objects layer is a crucial part of the Ruby on Rails backend. This is the place where most of the business logic is stored. This is the place that we want to keep in the best possible shape. For that purpose, I have started using some of the gems from the Dry-rb stack. In this blog post, I will try to share with you some solutions based on the Dry-rb gems that can make your services even better.

Server-Side Swift

When you want to write a backend, you mainly think about frameworks that work with Java, C#, Python or JavaScript, but a new player has come into town recently. Most people associate Swift with development for Apple desktop and mobile platforms, and while they are not wrong, Swift is capable of so much more! After all, Swift's author, Chris Lattner, jokingly said:
Postgres complex data types (hstore, json, jsonb, array) are very useful tools in database design. Having multiple values under one attribute definitely has its use cases. There are plenty of articles that compare the NoSQL database performance to the PostgreSQL JSON datatypes. Their results show the maturity of tools provided by this database management system. So which data types are best suited for what?
Most of the time, when we need to query some data from our database in a Rails-based application, we just use the ActiveRecord query interface. When the query is more complicated, we write it in SQL. Sometimes we may need to use such an SQL query in more than one place. In such cases (to better stick to the DRY principle), we can consider using a database view. In this blog post, I will present what database views are and how to easily use them in a Ruby on Rails application with the help of the Scenic gem.

PostgreSQL Advisory Locks

Thread synchronization is a topic that gives many developers nightmares. It's a very serious issue, hard to debug and solve, especially in desktop apps. However, web developers sometimes also have to tackle the challenge of making multiple threads work nicely with each other. So, what exactly is the problem here?

Dry-validation Basics

Every program receives some kind of input data. It can be anything - from variables, command line options, HTML web forms, and configuration files to binary data. All of this needs to be checked to prevent unexpected errors from happening. Although ActiveModel::Validations is great for web apps and simple models, it isn't very flexible for other types of validation and complex dependencies.
In the first part, we discussed the "N+1 queries" problem and how to deal with it using Rails' ActiveRecord. In this part, we will discuss some other useful ActiveRecord methods that can help us achieve some results faster or just in a more elegant way.
Netguru Codestories | Backend