Authentication is at the heart of most web development, yet it is difficult to get right. In this article, Diogo Souza discusses common security problems with authentication systems and how you can resolve them. Even if you never build an authentication system from scratch (you shouldn't), understanding these security concerns will help you make sure whatever authentication system you use is doing its job.
Let's face facts. Git is not fun. Git is not friendly. No. It's just infuriatingly useful, so we're stuck with it. But what if you could make git more friendly? More convenient? Would that make your day a little less stressful? In this article, Julie Kent shows us how we can do this with just a few simple tweaks.
Without version control systems like git, life as a developer would be very different. It is the center of modern collaborative approaches to development. But how does it work? You know...under the hood? In this piece, Julie Kent gives us a guided tour.
Logging is tricky. You want logs to include enough detail to be useful, but not so much that you're drowning in noise - or violating regulations like GDPR. In this article, Diogo Souza introduces us to Ruby's logging system and the LogRage gem. He shows us how to create custom logs, output the logs in formats like JSON, and reduce the verbosity of default Rails logs.
Management thinks that letting folks from WidgetCo log into widgetco.ourapp.com will really help make the sale. It seems harmless enough. But using a custom subdomain like this can open WidgetCo up to potential security issues. In this article, Julien Cretel introduces us to Subdomain Takeover attacks and discusses ways we can mitigate them.
Some devs use JavaScript in the browser; some use JavaScript on the server. What if you do both?
For quick, scalable, highly-available web services, few options compare to AWS Lambda. Just provide your code, add a little configuration, and you're done! In this article, Milap Neupane will introduce us to Lambda, show us how to get it working with Ruby and the Serverless Framework, and discuss reasons to use — or to not use! — Lambda in production.
Every Rails app has a breaking point; a level of activity that it simply cannot handle. Your braking point depends on big architectural decisions, yes — and also on the tiniest changes committed by your most junior developer. That's why it's vital to regularly test your application's performance under load. In this article, Milap Neupane gives us a Rails-centric introduction to load testing with a powerful open-source tool called JMeter.
When you're deciding on a technology to use for your project, it helps to have a broad understanding of your options. You may be tempted to build a web service in Go for performance reasons - but what would that code actually look like? How would it compare to languages like Ruby or JS? In this article, Ayooluwa Isaiah gives us a guided tour through the building blocks of go web services so you'll be well-informed.
Few things are scarier than a database slowly losing integrity over weeks or years. For a while, nobody notices anything. Then users start reporting bugs, yet you can't find any code that's broken. By the time you realize the problem, it may be happening for so long that your backups are unusable. We can avoid problems like these with skillful use of transactions.
