Mark M.

Joined

60 Experience
0 Lessons Completed
0 Questions Solved

Activity

Posted in Go Rails' Stripe lesson and strong params

Thanks for such a detailed response, Chris!

Posted in Go Rails' Stripe lesson and strong params

Hello,

I recently watched the Go Rails Stripe tutorial. In it, Chris creates subscriptions like this:

def create_subscription
  customer = # set customer...
  subscription = # create subscription...

  # Set initial subscription information
  user.update(
    stripe_id:      customer.id,
    card_last4:     params[:last4],
    card_exp_month: params[:exp_month],
    card_exp_year:  params[:exp_year],
    card_brand:     params[:card_brand],
    # ...
  )
end

Is this a secure approach for Rails 5 since we're not using strong params? I'm initially thinking yes (since we're explicitly setting which params can be updated by user.update) but I wanted to double-check with all of you since I'm new to Rails.

Thanks!

Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more.

Twitter GitHub

Solutions

Support

Company

Legal

© 2024 GoRails, LLC. All rights reserved.