I've been working with Ruby on Rails since ~2008 and still haven't found a language/framework combination that I'd rather use. Instead of many separate notes, this page contains some random notes that you may find useful.
Also check out the Ruby page, featuring Ruby things that aren't necessarily Rails-related.
#classify MethodThe method is part of the Ruby on Rails ActiveSupport::Inflector class and, according to the API docs, "creates a class name from a plural table name like Rails does for table names to models." The given examples are:
classify('ham_and_eggs') # => "HamAndEgg"
classify('posts') # => "Post"
However, 's'.classify returns an empty string1. None of the other letters do the same. Here's a quick test:
('a'..'z').to_a.each do |letter|
puts letter unless letter.classify == letter.upcase
end
Absolutely unforgivable bug that renders the entire Rails ecosystem completely useless. Just a terrible oversight by the Rails core team, the full Rubyist open-source community, and the entire nations of Japan and Denmark.
This is the code I used many years ago for a Devise2-encrypted users table of a Rails application. The scenario was the following: we had a User table that stored hashed user passwords together with their salts. As part of a company-takeover, we didn't want all these users to have to create a new login and password, but instead be able to re-use their existing credentials. The following snippet shows how to do just that and is a working example for the password secret and the given salt combination.
# encrypted password and salt from 'users' table
crypted_password = '250b93503767a853ea7d3b7cb286fa308b1a073d335b91f71f3e4c491ad8c833f3a8795edcdce4a0df8ab00a9580a433715153090aa9dbd3017bd357dca003e2'
password_salt = 'Sm6ubiGVfnpQmJ4dsOrb'
# password entered by user
raw_password = 'secret'
require 'digest'
hash = "#{raw_password}#{password_salt}"
20.times { hash = Digest::SHA512.hexdigest(hash) }
# if hash matches crypted_password, raw_password was correct
hash == crypted_password
This is all you need to know. Encrypted credentials are stored in config/credentials.yml.enc. They can be decrypted via a master key which is stored in config/master.key (alternatively in an environment variable called RAILS_MASTER_KEY) and should not be checked into version control. However, you are using the same master key in development and production.
Credentials are edited using EDITOR=nano rails credentials:edit (or use any other editor). You can set the environment for which you want to edit credentials: rails credentials:edit --environment production.
The credentials file config/credentials.yml.enc can be pushed to version control and deployed to production. Manually set the master key in production to the same one you're using in development.
To access credentials from your app, just use Rails.application.credentials.some_key
Add config.assets.compile = false to your config/environments/development.rb to make development act like production when troubleshooting any asset pipeline bugs. Or even better: set up a staging environment that mirrors production. Assets should be placed in app/assets/ and precompiled like this:
rails assets:clean
rails assets:precompile
.order('RANDOM()')
1 don't ask why you would need a one-letter class name
2 https://github.com/heartcombo/devise