Adding Two-Factor Authentication (2FA) to ActiveAdmin auth in a Ruby on Rails web application

To enhance the security of a web application that has a user authentication workflow, we use a security method called 2FA, also known as Two-Factor Authentication (a type of Multi-Factor Authentication). In this blog post, we will see how to implement email-based 2FA in the ActiveAdmin auth of a Ruby on Rails application. In the email-based 2FA approach, when a user logs in with an email and password, an OTP is sent to the registered email address. Once the user enters the OTP, authentication succeeds and the session is started. We will also see the following additional functionality and customizations

Identifying and avoiding Tautological tests in Ruby on Rails applications

Writing unit tests is more of an art than a skill, and understanding what to test for comes with experience and/or mistakes. We look for the percentage of test coverage for examining the health of an application. However, the "coverage percentage" might be misused or overlooked. In particular, it falls victim to Goodhart’s law, which says: “When a measure becomes a target, it ceases to be a good measure”. Whenever we start writing test cases for the sake of improving the code coverage, we miss the whole point of testing and rather introduce Tautological Tests - poorly designed

Ruby's Global Scope is Not Really Global

Ruby does not have any entry point to the code it is executing. Compare that to other languages like C, C++, Java, etc., which have a main() method in some way. And this main() is the entry point to the code. But in Ruby, we can open a file with a .rb extension and write our code at the top level like:

    foo = 'Great Scott!'
    puts foo # => Great Scott!

... and Ruby will execute the file for us. Most tutorials introduce this top-level scope as the global scope. Even though the intention is correct, the terminology as

Insights and Strategies for upgrading Ruby on Rails applications

For the past few months at Kiprosh, we've upgraded the versions of multiple mid- to large-scale Ruby on Rails applications. One of them was running Rails version 3.2.22. That's where we found out that we needed to make a lot of changes in our codebase to run our application on version 4.0. Hence, we thought to write this blog post to share our insights and recommended strategies for upgrading such mid- to large-scale Rails applications. Rails guides provide us brief information on how to upgrade the Rails app, but we need to

How to store emoji characters in MySQL database of a Ruby on Rails application

Emoji have become an essential part of communication in our digital lives. Hence, as developers, our applications should provide first-class support for them. In this blog post, we will explore how to store emojis in a MySQL database. In one of our internal Ruby on Rails web applications using a MySQL database, we were facing an issue whenever a user tried to insert an emoji in the text of an article. The "save" functionality in the UI ran infinitely (ajax) and the logs were reporting the following errors: ActiveRecord::StatementInvalid (Mysql2::Error: Incorrect string value: '\xF0\x9F\x98\x8A ...' for column 'content' at

How we automated our recruitment process using Zapier, Airtable & Trello

As a tech organisation, we always strive to find suitable talent for available positions, and then move them quickly through the application funnel, from sourcing to hiring. The goal is to onboard a potential candidate as fast as possible. In this endeavor, we decided to automate our recruitment processes so that the overall time to screen, interview and release an offer is relatively faster.

Background

Interested candidates apply on our website through the careers page. We have a referral program for our associates, so it also resulted in wider interest. We also receive direct applications through email on careers@kiprosh.

Generating PDF files from HTML content

Although nowadays most web applications have email and SMS services integrated, sometimes there is a need for documentation that users may want to reuse later for future reference. We had a similar requirement in one of our web applications, where we wanted to give users the option to generate single or bulk PDF files from any HTML templates they have in their account. There were different features around the generation of PDF documents, but the major work was in generating the PDF from HTML, which is also not a difficult task when we have

Google Drive Folder Sync - Webhooks

In my previous post, we discussed how we were able to sync our files and folders with Google Drive. You can refer to the post here - http://kiprosh.com/blog/google-drive-file-upload-pre-generated-file-id-for-uploads. Once we were done with the sync setup, the next step was to ensure the sync was accurate and timely, i.e. changes made in our application are accessible instantly in Google and, more importantly, changes made in Google are available in our application. We needed this without an impact on performance: without polling Google to find out about updates and without writing any custom logic comparing timestamps to

Google Drive File Upload - Pre Generated File Id for Uploads

This is one part of a series of articles I wanted to publish about things I learned, or for which there was little web content, when we were integrating a feature for Google Drive Folder Sync. The basic goal was to connect a Google Drive folder and upload files from our app to Google and vice versa. In this article we want to focus mainly on the uploads from our application.

Why do we need the Pre Generated Id for Files?

We are using Google Drive API V3 for this feature - https://developers.google.com/drive/v3/web/about-sdk. The

Deployment of Rails App on DigitalOcean with Capistrano, Nginx and Passenger - Part 2

In the previous article, we saw how to configure a DigitalOcean Droplet. Now let's proceed further to set up our application repository and Nginx with Phusion Passenger on the DigitalOcean droplet.

1. Install RVM and Ruby

We will install Ruby using Ruby Version Manager (RVM), as it gives more flexibility to manage multiple Ruby versions on the same system than rbenv, chruby, etc. Import the RVM GPG key before installing RVM:

    gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3

Then, install RVM:

    curl -sSL https://get.rvm.io | bash -s stable

Load RVM script and run requirement command to manage the