RoR vs-nodejs-by-jcskyting

⺩王信凱 Sky
FB: jcsky.wang
Ruby on Rails: 6 months
Node.js: 1 week / 1 project
內容如有錯誤資訊請來信指正
jcskyting@gmail.com

WHY~?!
• Ruby on Rails: 想開發網站，AlphaCamp ihower
• Node.js: front-end interview (javascript, full-stack)

Rails vs Node.js
Ruby
Rails
Rails server engine /
event driven gem
include many many
CRUD / DataBase / safe
sync
javascript
express / koa / sails ..
node.js 
npm any you want
speed / realtime / anyway
you want
async

Rails vs Node.js
Node.js is not framework..
express / koa / hapi / sails

Rails vs Node.js
• javascript 不會報錯誤，不易 Debug (chrome console )

Rails vs Node.js
• Node.js 沒有 server log，不易 Debug

Rails vs Node.js
• Rails console debug

Rails vs Node.js
• 透過 Rails method，換 database 不必改 code
• 優點: 開發快、不爽就換 DB
• 缺點: 對DataBase的個別特性瞭解有限、不熟悉
Event.joins(:category)
# SELECT "events".* FROM "events" INNER JOIN "categories" ON "categories"."id" =
"events"."category_id"
Event.includes(:category, :attendees)
# SELECT "events".* FROM "events"
# SELECT "categories".* FROM "categories" WHERE "categories"."id" IN (1,2,3...)
# SELECT "attendees".* FROM "attendees" WHERE "attendees"."event_id" IN (4, 5, 6,
7, 8...)

Rails vs Node.js
• not only Ruby, numerous Rails helper method
html 重覆使⽤用
<%= render :partial => 'form', :locals => { :f => f } %>
form
<%= form_for @event, :url => { :controller => 'events', :action =>
'update', :id => @event } do |f| %>
<%= f.textarea :description, :class=>”w100p”, :rows =>10 %>
<%= f.submit "Update" %>
<% end %>
controller method 重覆使⽤用
before_action :set_event, :only => [ :show, :edit, :update, :destroy]
session read/write
session[:hahaha]

Rails vs Node.js
• Rails have some Security Design (實戰聖經)
跨站偽造請求CSRF(Cross-site request forgery)
Rails內建了CSRF防禦功能，也就是所有的POST請求，都必須加上⼀一個安全驗證碼
HTML:
<input type="hidden" name="authenticity_token" value="zFGT
+TiykMj7Tsip3sY5G7iELupGD3BttZ8x6F2diThGOVH9+nEoXxkeLOhuLx9kGaWRoOh
ZuwY+OXzXU3EevA==">
Parameters:
{"utf8"=>"✓", "authenticity_token"=>"HC4eVH/
wdojRqSJFk8xYdobZPByVTFkh2WiCbK6HYb+WRtxQvTPOHzP5xgQjJX4JJ/
iDVjsakkpSzs9ToGv2Ow==", "issue"=>{"title"=>"yaya", "description"=>"what the
fuck"}, "commit"=>"建⽴立議題"}

Rails vs Node.js
• Rails have some Security Design(實戰聖經)
跨站腳本攻擊XSS(Cross-Site Scripting)
惡意的使⽤用者可以將惡意的Script放在網⾴頁上讓其他使⽤用者執⾏行
要防範這個問題的⽅方法，就是要逸出使⽤用者輸⼊入的內容，例如將<script>變成
<script>，使之顯⽰示出來的時候不讓瀏覽器去執⾏行，Rails預設全部逸出
若要開放讓使⽤用者可以張貼簡單的HTML內容，使⽤用⽩白名單功能

Rails vs Node.js
• Rails have some Security Design(實戰聖經)
log敏感資訊過濾(預設)
Processing UsersController#create (for 127.0.0.1 at 2009-01-02 11:02:33) [POST]
Parameters: {"user"=>{"name"=>"susan",
"password_conﬁrmation"=>"[FILTERED]", "password"=>"[FILTERED]"},
"commit"=>"Register", "action"=>"create",
"authenticity_token"=>"9efc03bcc37191d8a6dc3676e2e7890ecdfda0b5",
"controller"=>"users"}

gem vs npm
• 什麼~?!! npm.count ⽐比較多!!

Rails intro
MVC
Model-View-Control
route.rb
HTTP request
GET /users/1
Browser
UsersController
end
def show
@user = User.ﬁnd(params[:id])
respond_to do |format|
format.html
format.xml
end
end
def index
......
end
Model
Database
#show.html.erb
<html>
<h1>User Proﬁle</h1>
<p><%= @user.nickname %></p>
</html>
View
Controller Action

Rails intro
Rails ?
• Justin Gehtland Java :Rails = 3.5 : 1
• Proc.net PHP : Rails = 10 : 1
• JavaEye JAVA : Rails = 10 : 1
• thegiive PHP : Rails = 8 : 1

Rails vs Node.js
Ruby
Rails
Rails server engine /
event driven gem
include many many
CRUD / DataBase / safe
javascript
express / koa / sails ..
node.js 
npm any you want
speed / realtime /
anyway you want

in the future
Real Time App / Web

再⾒見⼿手札 theword.tw
FB: 再⾒見⼿手札 www.facebook.com/theword.tw
「再⾒見⼿手札 vs 健保卡註記器捐意願、安寧意願」
在法律上，再⾒見⼿手札是沒有法律效⼒力的
然⽽而實務上，醫院、醫師皆會以家屬意願為主(⽽而⾮非以健保卡註記為
主，⽣生⼈人不可得罪..)
因此健保卡註記就只剩下意願傳達的功能了…(沒辦法，你無法彈起
來告醫師違背你的⽣生前意願)
既然只是意願傳達，那就不需要這麼⿇麻煩了，動兩下⼿手指，讓「再
⾒見⼿手札」幫你搞定吧~!!

RoR vs-nodejs-by-jcskyting

Recommended

Recommended

More Related Content

What's hot

What's hot (19)

Similar to RoR vs-nodejs-by-jcskyting

Similar to RoR vs-nodejs-by-jcskyting (20)

Recently uploaded

Recently uploaded (20)

RoR vs-nodejs-by-jcskyting