Here you will learn how to get the most out of the Rails console. I will also demonstrate several utility gems and how to use them without adding them to the Gemfile. (9 minutes)

It is important to protect a user's private information with HTTPS. Here you will learn how to get it working on your local machine, configure Rack SSL, install certificates for production, and more. (14 minutes)

If a user's authentication cookie is sent over an insecure connection it is vulnerable to session hijacking, or more specifically, sidejacking. Learn how this is done, and how you can prevent it. (6 minutes)

OmniAuth makes it easy to do user authentication through a third party provider such as Twitter or Facebook. Learn a simple approach in this episode. (11 minutes)

Here I show a variety of ways to rewrite a long SQL query using only Active Record and Arel. This includes generating scopes dynamically, adding an "or" operator, and adding a powerful "match" method. (15 minutes)

Squeel provides a comprehensive DSL for writing SQL queries in Ruby. It is built upon Arel giving you access to many of its powerful features. (9 minutes)

If you have a page containing a dynamic list of records, consider providing an RSS or Atom feed for it. It is quite easy to do with XML Builder and the atom_feed helper method as shown in this episode. (8 minutes)

Doorkeeper makes it easy to create an OAuth 2 provider. This episode also shows how to setup OmniAuth as an OAuth client and use the oauth2 gem to communicate with an API. (19 minutes)

There are many approaches to locking down an API. Here I start off with HTTP Basic authentication then move on to generating a unique token which can be passed through a URL parameter or HTTP header. (7 minutes)

A polymorphic association allows a model to belong_to different types of other models. Here I show how to make a single comment model belong to articles, photos, and events. (11 minutes)