Sign in through GitHub

RailsCasts Pro episodes are now free!

Learn more or hide this

Noah Hendrix's Profile

This user is a moderator.

GitHub User: noahhendrix

Site: http://noahhendrix.com

Comments by Noah Hendrix

Avatar

You might want to look into Ernie Miller's Ransack gem https://github.com/ernie/ransack

Avatar

The method you describe is more susceptible to SQL injection, in my opinion. It's better to compare in the code instead of letting the DB do the authenticating. This also benefits from separation of concerns, the DB is responsible for storing and retrieving data not authenticating a user.