Mark Oveson

Joined

4,670 Experience
46 Lessons Completed
0 Questions Solved

Activity

Posted in Vue.js Trello Clone in Rails - Part 7 Discussion

That does the trick.

Posted in Vue.js Trello Clone in Rails - Part 7 Discussion

This was a great series! I love the practical steps forward, and refactoring into components was wonderfully illustrated.

I'm experiencing a bug in the program, and I wonder if it's something specific to my code. When I move a card and then click to edit the name within a modal, the card title is correct, but the text in the input box is incorrect. For example, if I have a list with Item 1 and Item 2, then I drag Item 2 to the first location, then click on Item 2, I get a modal with the title "Item 2" but the text in the input area is "Item 1".

Are you getting the same behavior?

Posted in Rails & Vue.js Trello Clone - Part 4 Discussion

I am loving this series! This is such a cool project. The combination of acts_as_list and Vue makes it seem effortless.

I had one minor suggestion for the code in the cardMoved function. Rather than finding the list index, would it be better to just set a constant to the new list itself, and then use that object to set the list_id in the ajax request? Here's what I did:

const card_list = this.lists.find((list) => {
return list.cards.find((card) => {
return card.id === element.id
})
});

Then when setting up data, I did this, which seems a bit cleaner:

data.append("card[list_id]", card_list.id);

Thanks for the great material!

Posted in Primer on Rails 5.1's new UJS library Discussion

This was an enlightening episode. Thanks for digging into the source to show us what's going on behind the scenes.

While discussing `Rails.linkClickSelector`, you mentioned, "you could be able to append stuff and move stuff from it as necessary." I'd like to ask you about that.

I would like to build a "verify" dialog box for deleting certain resources in one of my projects. The dialog box would work like the github dialog box for deleting a repo, in that you have to type the name of the resource in order to delete it. The idea is to make it impossible to inadvertently delete a resource.

The syntax I envision would be something like this:

```
link_to 'Delete event', event_path(@event),
method: :delete,
data: {
verify: {
message: 'NOTE: This will delete the event and all associated efforts and split times. This action cannot be undone. To verify, type the name of the event below and click Continue',
key: @event.name}
},
class: 'btn btn-sm btn-danger'
```
Do you have any ideas how to go about implementing something like this?

Posted in Code Review: Run Number Refactoring Discussion

+1 for starting with tests on next refactoring episode.

Posted in JSON Web Tokens with Devise & Warden Discussion

One more thought: As you pointed out, many websites will want to accept both JWT requests and non-JWT requests via the same API. By adding `skip_before_action :verify_authenticity_token` without disabling non-JWT requests, don't we open a hole to CSRF attack from non-JWT requests?

Here's a possible solution; would love to have your thoughts.

In the API controller:

skip_before_action :verify_authenticity_token, if: :json_web_token_present?

def json_web_token_present?
current_user.has_json_web_token
end

In the User model:

class User < ActiveRecord::Base
attr_accessor :has_json_web_token
end

In the strategy:

def authenticate!
...
user = User.find(payload["sub"])
user.has_json_web_token = true
success! user
...
end

Posted in JSON Web Tokens with Devise & Warden Discussion

Love this series. I've implemented this devise/warden strategy in my own project. One correction: Because the `before_action` in the ApiController is changed from `:authenticate_token!` to `:authenticate_user!`, the `skip_before_action` in the AuthenticationController must also change to `authenticate_user!`, otherwise devise will reply with "You must sign in or sign up before continuing."

Keep the great material coming, Chris.

logo Created with Sketch.

Ruby on Rails tutorials, guides, and screencasts for web developers learning Ruby, Rails, Javascript, Turbolinks, Stimulus.js, Vue.js, and more. Icons by Icons8

© 2021 GoRails, LLC. All rights reserved.