Karim Tarek

Joined

630 Experience
2 Lessons Completed
0 Questions Solved

Activity

Posted in Episode on GraphQL

+1

What would be the script src if you are adding the embedded script to another website?

Posted in How to protect API againest malicious attack?

Hey Daniel, spot on 🙌

The app I'm building is actually the middleware, the whole idea of the app is to make Shopify theme developers able to do things that they are usually aren't able to, without a middleware.

So I can't remove the token from the website, I need a practical secure soltion that can put developers minds at ease so they can use the app I'm building. So far this seems like a show stopper 😔

Posted in How to protect API againest malicious attack?

Thanks Seth, unfortionatly that's not what I'm looking for!

Posted in How to protect API againest malicious attack?

Hello 👋

I'm working on an API that is reciving requests from websites (Shopify stores), the request looks like:

shopCentralAPI.apiToken = "123"
shopCentralAPI.metafieldCreateUpdate(shopCentralAPI.apiToken, {
      store_id: "{{ shop.domain | remove: ".myshopify.com" }}",
      metafield: {
        shopify_obj_type: metafield_obj_type,
        shopify_obj_id: metafield_obj_id,
        namespace: metafield_namespace,
        key: metafield_key,
        value: metafield_value,
        value_type: metafield_value_type
      }
    });

When the request hits the API

  1. I find the user by the API token (JWT)
  2. make sure the request is coming from a store belongs to the user
  3. process the request

The shopCentralAPI.apiToken as you can see is exposed so what would be a better or more secure way to send a request from a website to the API? Which would protect againest malicious console request or any other attack I'm not aware of.

TIA 🙌

Posted in Editable emails templates

Thanks Casey 👍
Those are the same resources that I manged to find. They are outdated so I thought maybe there are newer resources I'm not able to find, for example "effective_email_templates" gem is no longer maintained.

Posted in Editable emails templates

Hi there 👋
I need users to be able to edit email templates, something like:
Hello {{ first_name }},
Please advice, thanks 👍

Thanks @James, it looks like I'm gonna have to do some digging then :)
I really appreciate your feedback.

Thanks @James, any idea how to set those params if I deploy using Hatch?
I guess I'm gonna have to SSH, so where should I put those?

Hello 👋

I've a two Rails apps hosted on a droplet that has multiple CPUs.
Honstly I don't know what does that mean for the app and if I need to do any thing to take advantage of that or does Rails already does that? Please advice 😊

Thanks ☮️
Karim

Posted in Disaster recover plan?!

Sure I understand. Maybe you can start by the minimal amout of configurations like S3, email, and slack, that should do it for most poeple extra configurations then one gotta ssh in to server and configure him/herself.

Posted in Disaster recover plan?!

Just a side note: it would be nice if backup config can be done through the UI ;)

Posted in Disaster recover plan?!

As usual, that's some solid advice Chris :) thanks a lot.

Posted in Disaster recover plan?!

Hello,

So I'm deploying my first Rails app built for a customer – 🎉 – to production in couple of days – I'm using Hatch – and I'm not sure what kind of setup/plan I should have for "disater recover" if things go wrong for any reason – I hope nothing will go wrong :)

I'm going to enable db backups so I always have most recent db, should I consider DigitalOcean backup – my understanding that they take a snapshot of the server every night – is that useful?

What would be the fastest way to restore the db incase I need to?

If you know of any good resource so look into that would be awesome as well.

Looking forward to your answers :)

Cheers.

Hello,

Although I've been working with Rails for about 3 years now I was never resposible for deploying apps and dealing with servers – embarrassing, right? – apart from a side project I used Heroku for, so I'm sorry if my questions seems to be trivial :)

  1. I signed up with Hatch to deploy an app. I was wondering do Hatch provide a way to backup the database? Or is this something I need to takecare of? If so, any suggestions?

  2. I'm using delayed_job for background jobs, I'm not sure how to start the worker when I deploy the app, locally I just do rake jobs:work so do I need to add that somewhere in the Rails config files? or is is something done on the server-side? May be a Bash script?

  3. I'm planing to go with DigitalOcean for hosting, the app is pretty simple and for the forseable future I don't expect crazy amount of traffic, should I go with 1 core or 2 cores? What about memory? Put in mind I'm going to be using background jobs whenever possible.

  4. Any suggestions for managing logs? I want a simple way to be able to go through the logs, if I have to

  5. Now if I want to rails console do I need to ssh into the server or does Hatch provide a shortcut for that?

Thanks :)

Posted in Freelance advice

Thanks so much Chris for the detailed answer.
I'll hold up the questions for now until we hear from other poeple, if not I'll ask ;)

Posted in Looking for Rails work? / Hiring Rails developers?

Hey Nick, thanks a lot for giving Timeliner a shot, I'd love to hear your feedback so far if you don't mind sharing :)

Posted in Freelance advice

Hello 👋

I got into freelance recently, I thought I'd reach out to the veteran freelancers in the community to seek advice, things I'm curious about, are:

  • What is(are) the most important step(s) to start on the right direction?
  • What worked for you best when you were looking for your first client?
  • How much should I charge? Hourly rate or fixed or a retainer? What worked best for you?
  • How do you stay motivated, focused, and keep improving?
  • Do I need to get into marketing? If so, how much is enough and do you recommend any good resource(s)?

Please feel free to share your experience/knowledge even out side of those questions, any thing will be much appreciated 😃

Thanks a lot,
Karim

Posted in Looking for Rails work? / Hiring Rails developers?

SEEKING WORK / Toronto,Canada / Remote

I'm a full-stack Ruby on Rails developer / UI designer.
Things I know and use: Ruby, Ruby on Rails, RSpec, Capybara, PostgreSQL, Heroku, Javascript, jQuery, HTML, ERb, Haml, CSS, SCSS

Resume/Portfolio: http://www.gotimeliner.com/karim-tarek

☮️

Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more.

© 2024 GoRails, LLC. All rights reserved.