by sellingwebsite
2477 days ago
I should have phrased it differently. Yes, you don't roll your own security. You use powerful primitives provided by Ruby and Rails, such as bcrypt, has_secure_password/has_secure_token, encrypted sessions, secure httponly cookies with prefixes + samesite attribute all served over TLS 1.2+, with HSTS and CSP.
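A small Ruby check for the cookie and header settings listed in the comment above, added here as an example that is not part of the original comment. The helper names and the sample headers are constructed for illustration, and it inspects response headers only, not the TLS version.

```ruby
# Added example; helper names and sample headers are constructed, not from a real site.

# Split one Set-Cookie value into the cookie name and a lowercase attribute map.
def parse_set_cookie(line)
  pair, *attrs = line.split(";").map(&:strip).reject(&:empty?)
  flags = attrs.to_h do |a|
    k, v = a.split("=", 2)
    [k.downcase, v.nil? ? true : v]
  end
  [pair.split("=", 2).first, flags]
end

# Findings for one cookie: Secure, HttpOnly, SameSite and the name-prefix rules.
def audit_cookie(line)
  name, f = parse_set_cookie(line)
  out = []
  out << "#{name}: missing Secure" unless f["secure"]
  out << "#{name}: missing HttpOnly" unless f["httponly"]
  out << "#{name}: missing SameSite" unless f.key?("samesite")
  if name.start_with?("__Host-")
    # __Host- cookies must be Secure, have Path=/ and carry no Domain attribute.
    out << "#{name}: __Host- requires Path=/" unless f["path"] == "/"
    out << "#{name}: __Host- forbids Domain" if f.key?("domain")
  elsif !name.start_with?("__Secure-")
    out << "#{name}: no __Host- or __Secure- prefix"
  end
  out
end

# headers: Hash of lowercase header name => value; "set-cookie" holds an Array.
def audit_response(headers)
  out = Array(headers["set-cookie"]).flat_map { |c| audit_cookie(c) }
  max_age = headers["strict-transport-security"].to_s[/max-age=(\d+)/i, 1].to_i
  out << "HSTS missing or max-age is 0" if max_age.zero?
  out << "CSP missing" if headers["content-security-policy"].to_s.strip.empty?
  out
end

WEAK = { "set-cookie" => [
  "session=abc123; Path=/",
  "__Host-id=1; Secure; HttpOnly; SameSite=Lax; Domain=example.test; Path=/"
] }
HARDENED = {
  "set-cookie" => ["__Host-session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"],
  "strict-transport-security" => "max-age=31536000; includeSubDomains",
  "content-security-policy" => "default-src 'self'"
}

puts audit_response(WEAK)
puts "hardened findings: #{audit_response(HARDENED).length}"
```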