While Rack::Attack handles basic rate limiting, custom throttling logic gives fine-grained control over quotas, burst allowances, and per-feature limits. I implement a token bucket algorithm in Redis using sorted sets to track request timestamps per u

Action Cable brings WebSocket support to Rails, enabling real-time features like live notifications, collaborative editing, or chat systems. Clients subscribe to channels that broadcast updates when server-side events occur. I use Redis as the pub/sub

Rack middleware sits between the web server and Rails application, providing a hook for cross-cutting concerns like request logging, metrics collection, or custom authentication. I use middleware to inject request IDs, track response times, or enforce

GraphQL provides clients flexibility to request exactly the data they need, reducing over-fetching and under-fetching compared to REST. The graphql-ruby gem integrates GraphQL into Rails with a schema-first approach. I define types for each model, fie

As applications grow, read operations often dominate database load. Directing reads to replica databases while keeping writes on the primary reduces contention and improves response times. Rails makes this straightforward with connects_to and role-bas

Storing secrets in environment variables works but gets messy at scale with dozens of keys. Rails encrypted credentials provide a structured alternative where secrets live in version-controlled credentials.yml.enc files, encrypted with a master key st

Hard deletes make data recovery impossible and complicate audit trails. Soft deletes mark records as deleted without removing them from the database, preserving history and enabling undo functionality. The paranoia gem adds a deleted_at timestamp colu

Auto-generated API documentation from code annotations keeps docs in sync with implementation and reduces maintenance burden. The rswag gem generates OpenAPI 3.0 specs from RSpec request specs, providing interactive documentation via Swagger UI. I wri

Redis provides a fast, in-memory cache for expensive computations that don't change frequently. I use Rails.cache with the Redis store to cache things like trending posts calculations, aggregated statistics, or external API responses. The fetch method

While ActiveRecord validations catch most invalid data, database constraints provide a safety net that prevents invariant violations even when validations are bypassed. I add null: false constraints for required columns, unique indexes for uniqueness

Polymorphic associations allow a model to belong to multiple other models through a single association, which is useful for shared behaviors like comments, likes, or attachments. Instead of separate post_id and article_id columns, a polymorphic associ

Not all background job failures should be retried the same way. Transient failures like network timeouts benefit from exponential backoff, but bugs in code or invalid data should fail immediately after a few attempts. Sidekiq provides retry configurat