iHiD
/ database_session_script.bash
Created
June 6, 2012 15:28
How to Build A Secure Website With Ruby On Rails 3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rails generate session_migration | |
| rake db:migrate |
iHiD
/ sessions_controller.rb
Created
June 6, 2012 15:30
How to Build A Secure Website With Ruby On Rails 6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Authenticate user | |
| @user = #... | |
| # Destroy the existing session in case anyone is sharing it and | |
| # create a new session that you know to be unique to the user. | |
| reset_session | |
| # Store the user's id as normal | |
| session[:user_id] = @user.id |
iHiD
/ heroku_setup.bash
Created
June 6, 2012 15:29
How to Build A Secure Website With Ruby On Rails 4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| heroku addons:add ssl:endpoint | |
| heroku certs:add my_cerficate.crt site.key |
iHiD
/ session_store.rb
Created
June 6, 2012 15:29
How to Build A Secure Website With Ruby On Rails 5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Security::Application.config.session_store :active_record_store |
iHiD
/ settings_controller.rb
Created
June 6, 2012 15:30
How to Build A Secure Website With Ruby On Rails 7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class SettingsController < ApplicationController | |
| def show | |
| @user = User.find(session[:user_id]) | |
| end | |
| def update | |
| @user = User.find(session[:user_id]) | |
| @user.update_attributes(params[:settings]) | |
| end |
iHiD
/ settings_routes.rb
Created
June 6, 2012 15:31
How to Build A Secure Website With Ruby On Rails 8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Security::Application.routes.draw do | |
| match 'show_settings' => "settings#show" | |
| match 'update_settings' => "settings#update" | |
| end |
iHiD
/ settings_routes_2.rb
Created
June 6, 2012 15:32
How to Build A Secure Website With Ruby On Rails 9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Security::Application.routes.draw do | |
| get 'show_settings' => "settings#show" | |
| put 'update_settings' => "settings#update" | |
| end |
iHiD
/ settings_routes_3.rb
Created
June 6, 2012 15:32
How to Build A Secure Website With Ruby On Rails 10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Security::Application.routes.draw do | |
| resource :settings | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class User < ActiveRecord::Base | |
| # Has attributes: [:username, :hashed_password, :is_admin] | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class UsersController < ApplicationController | |
| #... | |
| def update | |
| @user = User.find(params[:id]) | |
| @user.update_attributes(params[:user]) | |
| #... | |
| end | |
| #... |