Running with Ruby

Category: Software (page 1 of 69)

How to take over a Ruby gem and what to do with it / RubyKaigi 2019 presentation

May 19, 2019 / / 0 Comments

Using Ruby gems is safe, right? We’re a nice community of friendly beings that act towards the same goal: making Ruby better. But is that true? Can we just blindly use libraries, without making sure, that they are what they are supposed to be?

Learn how you can take over a gem, what you can do with it once you have it and what you can do to protect yourself against several types of attacks you’re exposed to on a daily basis. Let’s exploit the Ruby gems world, and its data together.

Slides are available here.

Ruby on Rails HTTP Basic authentication with JSON failure message

February 24, 2019 / / 0 Comments

A short snippet on how to make Ruby on Rails authenticate_or_request_with_http_basic respond with a JSON valid message upon failure.

class ApplicationController < ActionController::API
  include(
    ActionController::HttpAuthentication::Basic::ControllerMethods
  )

  before_action :http_authenticate!

  def http_authenticate!
    authenticate_or_request_with_http_basic do |key, secret|
      return if Resource.find_by(
        key: key,
        secret: secret
      )
    end

    render(
      json: 'Invalid credentials'.to_json,
      status: 401
    )
  end
end

Cover photo by Vladimer Shioshvili on Attribution-ShareAlike 2.0 Generic (CC BY-SA 2.0) license.

Olderposts

Other stuff

Social media

Tags

ActiveModel ActiveRecord apache kafka backup bash chat deprecation warning gem HTTP Javascript juggernaut karafka karafka framework Linux migration Mongo Mongoid Mysql openssl paperclip Performance PHP Rails Rails 2.3.8 Rails3 Rails3.1 Rails 4 Rails4 Rails 4.0 RoR routes routing error Ruby Ruby 1.8.7 Ruby 1.9 Ruby 1.9.2 Ruby 1.9.3 Ruby on Rails RVM safety server shell Sinatra SVN ubuntu

Archives

Recent Posts

Copyright © 2019 Running with Ruby

Theme by Anders NorenUp ↑