BLOG

Archive for January, 2008

Multiple Rails applications

January 30th, 2008, Programming, Ruby on Rails, 6 Comments

We are midway through a large project at the moment. It’s our biggest Ruby on Rails project for a client to date and consists of a front end and an administration area based on our DATA CARTON technology. Early on we faced several organisational conflicts between these two opposing forces.

Our DATA CARTON framework was adverse to settling in directly with its public facing companion, our models (while obviously the same) were actually required to be configured in subtly different ways, and with multiple developers and designers working together, we decided to split them into two applications both pointing at the same database.

While these logical units promised simpler security, cleaner directory structures and more streamlined development, we hadn’t tried this before but decided to just forge ahead anyway. These are the problems we encountered and how we solved them:

1. Logins

Our front end is community-based and all users of the system from newsletter subscribers to administrators share a users table. The first thing we did after pointing our database.yml file at the same database was to try logging in to both applications with the test user we had created. After only a 50% success rate, we traced the problem to our password encryption method that uses a mixture of the user’s password choice, a salt and an application specific key string. Different keys are going to result in different hashes and incompatible authentication routines in the applications. A quick switch to using identical strings and we were successfully creating users and logging-in in all possible combinations.

    def self.encrypt(pass, salt)
        finalString = pass + 'somekey' + salt
        Digest::SHA1.hexdigest(finalString)
    end

2. Sessions

Our next thought was ’sharing sessions would be nice’. Linking administrators directly to the backend from their frontend toolbar without having to login again, passing secret messages back and forth, that sort of thing. Rails offers cookie-only sessions or database based ones. Using the more data-sensitive one is a simple matter of uncommenting these lines from the application’s environment.rb:

    config.action_controller.session_store = :active_record_store

Then in the same file (environment.rb) you’ll find your session security key and secret:

    config.action_controller.session = {
        :session_key => 'some_secret_key',
        :secret      => 'some_secret_hash'
    }

Rails generates both of these automatically when creating your application. They are sent with every non-GET request (i.e. PUT, POST, DELETE) to verify your session and protect against cross-site forgery (there’s actually a few fiddly issues with getting in-place edits working while using this method, but I’ll save that for another post).

The important thing here is to again make sure all keys and secrets are consistent across both applications. So pick one and copy it across. Once you’ve synchronised your environment.rb session settings, you’ll need to uncomment and duplicate your session secret from the top of controllers\application.rb too. Now you’re sharing sessions!

	protect_from_forgery :secret => 'some_secret_hash'

3. Subdomains

We quickly realised that our session sharing was not going to be as smooth as first anticipated, as we typically run our client’s backends on an admin subdomain (i.e. http://admin.abcdefg.com) and as cookies don’t take kindly to being requested by subdomains that haven’t sent them, we still didn’t have our single login functionality.

After much brainstorming and hunting around, we eventually found this genius configuration option that (notice the all important ‘.’ prefix) makes the cookie available to all subdomains on a domain. Finally we had truly shared sessions.

    ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS.
        update( :session_domain => '.abcdefg.com')

4. Migrations / Models / Helpers / Deployment

The remaining issues are ones we are still facing and gradually solving. These tend to be less of a technical matter and more of an organisational one. We’re quickly establishing rules for how we order the migration files, share some models while keeping the security sensitive ones separate, bundling all of our helpers up into libraries and unifying deployment. We’re not quite there yet, but I’ll be sure to share our assumptions and solutions soon.

Setting yourself free

January 26th, 2008, Discussion, General, 1 Comment

“Being your own boss” is often touted as a direct route to personal freedom, a liberation of time management and the ability to just take back your life NOW! This is of course rarely true. The reality is extended hours and a constant pressure to succeed. While removing everyone more senior than you from your work life has the wonderful effect of also removing any negativity and frustration (if things aren’t working it’s no one’s fault but yours, if you can think of a better way to do things you can just do it), it also leaves you constantly dealing with a raw reality that a more structured hierarchy would help protect you from.

These days we are usually quite well time managed at Spoiled Milk, but due to several very large projects reaching a simultaneous climax at the end of this month, some of us are currently being forced to work very extended days. Curiously, despite the pressure and stress, the quip of “I’m working 14 hours a day for myself so I don’t have to work 7 for someone else” does hold some ground, although it’s quite often hard to pinpoint exactly why.

-

Ruby on Rails is a programming language and Web application framework that I’ve only dabbled with in the past, but my intensive work pattern recently has doubled up as in intensive training course. I’m tempted to start a series of coding related posts to share the solutions to some of the trickier hurdles I’ve come across.

Would anyone mind? Is this a good idea? I’ll tag them with something appropriate so they can be filtered out, and I’ll try to keep up the amusing stories of Danish police-patrolled cycles lanes.

Change

January 15th, 2008, Discussion, General, 1 Comment

I’ve just been for a swim at a pool I haven’t visited for quite a while. As I walked through the doors I was suddenly struck by the feeling of being in a foreign country. I don’t consciously experience this a lot while in Copenhagen these days, but for a while I was back in an alien society and everything seemed slightly quirky and off kilter: the lighting, the ticket clerk, the supremely relaxed attitudes about nudity while changing, the uptight staff-monitored showering before swimming and the packed pool at 8pm on a winter’s evening.

As I swam lengths I began contrasting my life now with how it was a few years back and what I’ve done inbetween. For about fifteen minutes I could see everything with an old pair of eyes and I was quite dumbfounded at the paths I’d taken and what I’d achieved. This started me thinking about how it was all possible and eventually came back to my much touted belief in the destructiveness of routines and safety.

In the same same way that one rarely takes a random left turn during a monotonous daily commute, it’s near impossible to make radical changes to your life when burdened with expectations and status. I tried to track how I’d managed to build up my own company here in Denmark and what would have been different in the UK. I believe the primary reason was my ability to live in a tiny room on a pittance with minimal possessions for so long. This allowed me the freedom to work hard and learn hard without having to worry about income too much. It actually wasn’t that difficult to do and even now that we are a team of five all earning enough to live, I still don’t feel the need to “raise my stakes” too much.

This prolonged low-risk battle (also shared to some degree by my cohorts) is why I think the company survived the dark days long enough to eventually attain the relative success it has, but it doesn’t answer how I managed to do it. I was previously on a reasonable wage living in a nice, well-furnished apartment and although my life was far from lavish (student debts were enough to neutralise a lot of my earnings), I arguably lived in a much more comfortable style with more freedom to do what I want.

Most of this sneaked up on me over the years and by the time I realised I was actually desperately unhappy with it all, it was almost too late. I had reached an unavoidable expectation level both from myself and of others. You can change a routine and broaden outlooks by moving to a new town, but you still can’t escape YOU; your culture, your society, your career path, your achievements and your failures.

There were lots of parts of me I didn’t want to escape from, but whatever I thought about doing next was fronted with impossibilities and obvious, logical reasons why I would fail. Selling all my things, quitting my job and moving to a different house around the corner seemed both attention seeking and destructive. I reached a point of panic and wanted out of everything. With hindsight this is what fuelled my move to Denmark. Once I arrived I felt free from many aspects of my old lifestyle, but more importantly I felt free from cultural expectations.

No matter how much you believe you can shun the typical trappings of a society, they are always with you: how to queue, how to greet people, how to address a cashier in the bank, where to look when sat opposite someone on public transport, what to wear, when to go to bed. These things are so small, yet so plentiful that in many ways they place unseen chains around every action you take. As time went on I became increasingly aware of the release my move abroad had created and, coupled with literally not knowing what was possible, I decided to try out a lot of things. Everything is a breeze when being from a different culture can be used as an internal excuse and force of reasoning. You can be an outsider and still accepted in a way that transcends social norms, solely because you’re not expected to fit in(*). It becomes a positive and inclusive experience rather than an exclusive and lonely role.

After 2 and a half years, a lot of these feelings are gone from my every day experiences, but I generally feel that they have become integrated into who I am rather than lost by the wayside.

However as I left the building I realised that actually I’d instinctively bought my ticket in Danish, showered and scrubbed all required areas, swum in the regimented lane systems and then paraded around the locker area without a towel to be seen. I even popped a couple of lakrids sweets in my pic’n'mix on the way home. I guess I’ve just accepted a whole new set of norms.

(*) Of course I realise that the pairing of a British person and Denmark’s society is generally quite fortunate in this respect and that many cultural migrations are tarred with enough prejudice to make my writing seem awkward and naive. Sorry.

DJ superteam to play Kalaset

January 1st, 2008, Events, Leave a comment

Normally DJ superteams consist of talented people working together to make music intended to enhance nights out of the house with intriguing rhythms, samples and beeps. Birds of Paradise are a little different because they play other people’s music and some of it is sad. However, they do try to play it in a nice order and include songs to clap along to.

Lucy and Russell’s first joint performance will be this Friday, the 4th of January, from 22:00 to 02:00 at Kalaset.

Kalaset [info (in Danish)]
Vendersgade 16, 1363 København K [map]

Birds of Paradise

« Back

Categories

Discussion
Drawings
Events
General
Good things
Movies
Press
Programming
Ruby on Rails
Short stories
The Book
The Botanists
Trips

Archives

July 2010
April 2010
March 2010
December 2009
November 2009
September 2009
August 2009
July 2009
June 2009
January 2009
August 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007