JWT Storage in Rails + React The Right Way

Local or session storage in the browser might feel like the right place to store a JWT when authenticating your client-side app against a backend API. Maybe it feels like the right place because I told you to do that. But its not right! Its wrong and its insecure. Instead,… »

Selecting Fixed Virtual Attributes with Arel

Arel: A Quick Intro Arel is a SQL AST (Abstract Syntax Tree-like) manager for Ruby. It allows us to write complex SQL queries in a semantic, reusable fashion. Arel is "framework framework"; it's designed to optimize object and collection modeling over database compatibility. For example, Active Record is… »

Testing External Requests in Elixir? Roll Your Own Mock Server

What should you do when testing Elixir code that makes web requests to an external API? We don't want to let our code make those requests during a test run––we'll slow down our tests and potentially use up API rate limits. We could mock such requests with the help… »

Run Ecto Migrations in Production with Distillery's Boot Hooks

You need to run you're migrations with the production release of your Elixir app, in your production environment. You can't use mix! You can use Ecto Migrator. Read on to find out how to run your Ecto migrations in production using Distillery's Boot Hooks. The Problem Coming from a Rails… »

JWT Auth in Phoenix with Joken

JSON Web Tokens, or JWTs, allow us to authenticate requests between the client and the server by encrypting authentication information into a secure, compact JSON object that is digitally signed. In this post, we'll use the Joken library to implement JWT auth in a Phoenix app. We'll focus on JWTs… »