Sign in through GitHub

Please read for an updated status on RailsCasts:

Learn more or hide this

Noah Hendrix's Profile

This user is a moderator.

GitHub User: noahhendrix

Site: http://noahhendrix.com

Comments by Noah Hendrix

Avatar

You might want to look into Ernie Miller's Ransack gem https://github.com/ernie/ransack

Avatar

The method you describe is more susceptible to SQL injection, in my opinion. It's better to compare in the code instead of letting the DB do the authenticating. This also benefits from separation of concerns, the DB is responsible for storing and retrieving data not authenticating a user.