Rails, Angular, Postgres, and Bootstrap, 2nd Edition by David B. Copeland

Chapter 3: Secure the User Database with Postgres Constraints

Our registration and login system looks great, thanks to Bootstrap, and works great, thanks to Devise. But it’s not as secure as it can be. As you recall from the previous chapter, we used validations to prevent users from registering with a non-company email address. Because this is done in Rails, it’s easily circumventable using Rails’s APIs or a direct database connection. Even something unintentional like bugs in our code could introduce vulnerabilities.

What we’d like is to prevent non-company email addresses from getting into the database entirely. Most SQL databases do not have powerful features for preventing bad data. With Postgres, however, we can, by using a feature called ...
