Forum: Ruby on Rails How do you create a link to a resource that expires

Posted by Matt Martini (Guest)
on 2012-09-29 00:22
(Received via mailing list)
I would like to send a link to a user (via email) that expires after a 
period of time.

When a user takes a certain action, they are emailed a link that allows 
them access to a certain resource.
What I want to do is make it so that the link will work for a period of 
time (say 48 hours) and then will
no longer work.  I would like the link to look like:

    http://www.mysite.com/stuff/b39a8b314588d04e23f15ceb026196c5
or
    http://www.mysite.com/stuff/resourcea?b39a8b314588...

Rails would need to decrypt the URL (it doesn't need to be 
cryptographically secure, but it
should be non-obvious), determine if the timeframe is still valid and 
serve the resource (or not).

I would rather that the timeframe be included in the link instead of 
having to do a db lookup.

Are there any gems/plug-ins out there for this?  How would I go about 
creating it from scratch?

Matt
Posted by Christopher R. Maden (Guest)
on 2012-09-29 06:37
(Received via mailing list)
On 09/28/2012 06:21 PM, Matt Martini wrote:
> Are there any gems/plug-ins out there for this?  How would I go about
> creating it from scratch?

Not sure about existing gems, not having looked at this in Ruby or
Rails, but having solved it in another language: you create an entry in
your database with a token and a timestamp.  When a user sends the token
back, you check the current time against the token's associated
timestamp, and reject it if the token is unknown or the timestamp is too
old.  (Periodically, you can garden your database to delete any entry
with an old timestamp.)

~Chris
--
Chris Maden, text nerd  <URL: http://crism.maden.org/ >
LIVE FREE: vote for Gary Johnson, Libertarian for President.
     <URL: http://garyjohnson2012.com/ >  <URL: http://lp.org/ >
GnuPG fingerprint: DB08 CF6C 2583 7F55 3BE9  A210 4A51 DBAC 5C5C 3D5E
Posted by "Alexandre Calvão" <apotema@gmail.com> (Guest)
on 2012-09-29 15:06
(Received via mailing list)
I would use cancan.

https://github.com/ryanb/cancan/wiki/Authorizing-C...

    if valid(params[:token])
      authorize! :show, @stuff
    end

===================
*Alexandre Mondaini Calvão*

"*Our reward is found in the effort and not in the result. A total
effort is a complete victory*." [Gandhi]


2012/9/29 Christopher R. Maden <crism@maden.org>
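
An added example, not part of any post in this thread: one way to carry the time frame in the link itself, as the original question asks, so that no database lookup is needed. It signs the resource id and expiry with HMAC-SHA256 rather than encrypting them; `LINK_SECRET`, `make_link_token` and `valid_link_token?` are hypothetical names and the key is a constructed placeholder.

```ruby
require "openssl"

# Constructed demo key (assumption): a real app would load a long random
# secret from its configuration, never from source code.
LINK_SECRET = "constructed-demo-secret"
LINK_TTL = 48 * 60 * 60 # the 48 hours from the question, in seconds

# HMAC over the resource id and expiry, so neither can be changed unnoticed.
def link_mac(resource_id, expires_at)
  OpenSSL::HMAC.hexdigest("SHA256", LINK_SECRET, "#{resource_id}:#{expires_at}")
end

# Constant-time comparison: a mismatch does not reveal how many bytes matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Token for the query string: "<expiry in base 36>-<HMAC-SHA256 hex>".
def make_link_token(resource_id, now: Time.now)
  expires_at = now.to_i + LINK_TTL
  "#{expires_at.to_s(36)}-#{link_mac(resource_id, expires_at)}"
end

# True only if the token was issued for this resource and has not expired.
def valid_link_token?(resource_id, token, now: Time.now)
  expiry36, mac = token.to_s.split("-", 2)
  return false unless mac && expiry36.to_s.match?(/\A[0-9a-z]+\z/)
  expires_at = expiry36.to_i(36)
  # Check the signature first, then the clock, so a forged expiry is never trusted.
  return false unless secure_equal?(mac, link_mac(resource_id, expires_at))
  now.to_i <= expires_at
end

if __FILE__ == $PROGRAM_NAME
  issued = Time.at(1_348_878_120) # constructed issue time
  token = make_link_token("resourcea", now: issued)
  puts "http://www.mysite.com/stuff/resourcea?#{token}"
  puts valid_link_token?("resourcea", token, now: issued + 3600)         # true
  puts valid_link_token?("resourcea", token, now: issued + LINK_TTL + 1) # false
end
```

Because nothing is stored, an issued link cannot be revoked before it expires short of changing the secret; the database token approach described earlier in the thread can delete a single entry.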