How to understand authenticated?(:activation, params[:id]) in rails 4?

Rails
#1

I am reading Michael H.'s rails tutorial and i couldn’t understand
this
line at chapter 10 authenticated?(:activation, params[:id])

According to the author this line is used to compare the
activation_digest and
the token This implicates that the token will be available at
params[:id]

This is where i get confused . Does params[:id] retrieve user’s ID how
can
they compare ID with activation_digest?

However authenticated?(:remember, cookies[:remember_token]) makes
perfect
sense to me. Anyone ? Your help will be very much appreciated!

The related code is shown on below :

account_activations_controller.rb

class AccountActivationsController < ApplicationController
def edit
user = User.find_by(email: params[:email])
if user && !user.activated? && user.authenticated?(:activation,
params[:id])
user.activate
log_in user
flash[:success] = “Account activated!”
redirect_to user
else
flash[:danger] = “Invalid activation link”
redirect_to root_url
end
endend

User.rb
class User < ActiveRecord::Base

attr_accessor :remember_token, :activation_token, :reset_token

before_save :downcase_email
before_create :create_activation_digest
validates :name, presence: true, length: { maximum: 50 }
VALID_EMAIL_REGEX =
/\A[\w+-.][email protected][a-z\d-]+(.[a-z\d-]+)*.[a-z]+\z/i
validates :email, presence: true, length: { maximum: 255 },
format: { with: VALID_EMAIL_REGEX },
uniqueness: { case_sensitive: false }
has_secure_password
validates :password, length: { minimum:6 }, allow_blank: true
class << self
# Returns the hash digest of the given string.
def digest(string)
cost = ActiveModel::SecurePassword.min_cost ?
BCrypt::Engine::MIN_COST :
BCrypt::Engine.cost
BCrypt::Password.create(string, cost: cost)
end

# Returns a random token.

def new_token
SecureRandom.urlsafe_base64
endend

Remembers a user in the database for use in persistent sessions.

def remember
self.remember_token = User.new_token
update_attribute(:remember_digest, User.digest(remember_token))
end

Returns true if the given token matches the digest.

def authenticated?(remember_token)
return false if remember_digest.nil?
BCrypt::Password.new(remember_digest).is_password?(remember_token)
end

Returns true if the given token matches the digest.

def authenticated?(attribute, token)
digest = send("#{attribute}_digest")
return false if digest.nil?
BCrypt::Password.new(digest).is_password?(token)
end

Forgets a user.

def forget
update_attribute(:remember_digest, nil)
end

Activates an account.

def activate
update_attribute(:activated, true)
update_attribute(:activated_at, Time.zone.now)
end

Sends activation email.

def send_activation_email
UserMailer.account_activation(self).deliver_now
end

Sets the password reset attributes.

def create_reset_digest

self.reset_token = User.new_token

update_attribute(:reset_digest,  User.digest(reset_token))
update_attribute(:reset_sent_at, Time.zone.now)

end

Sends password reset email.

def send_password_reset_email
UserMailer.password_reset(self).deliver_now
end

private# Converts email to all lower-case.def downcase_email
self.email = email.downcaseend

Creates and assigns the activation token and digest.def

create_activation_digest
self.activation_token = User.new_token
self.activation_digest = User.digest(activation_token)
endend

#2

On Thursday, April 9, 2015 at 1:50:56 PM UTC+1, Snail Walker wrote:

I am reading Michael H.'s rails tutorial and i couldn’t understand this
line at chapter 10 authenticated?(:activation, params[:id])

According to the author this line is used to compare the activation_digest and
the token This implicates that the token will be available at params[:id]

This is where i get confused . Does params[:id] retrieve user’s ID how
can they compare ID with activation_digest?

The contents of params[:id] will depend on the route that is being hit
and
the url generated - from the information given so far it could be
anything.

Fred

#3

On Thursday, April 9, 2015 at 2:51:22 PM UTC+1, Snail Walker wrote:

Thank you so much fred, I have just included routes.rb file .but still
can’t relate anything to *params[:id]. *

That means that id is just the first parameter in the url (because
you’ve
got restful urls) - if the url is /account_activations/abc123/edit then
params[:id] would be abc123. You’ll need to find the place where you
generate that link (probably in the mailer or its views) to be sure of
what
params[:id] is

Fred

#4

Thank you so much fred, I have just included routes.rb file .but still
can’t relate anything to *params[:id]. *

routes.rb

Rails.application.routes.draw do
get ‘password_resets/new’

get ‘password_resets/edit’

get ‘sessions/new’

get ‘users/new’

root ‘static_pages#home’
get ‘help’ => ‘static_pages#help’
get ‘about’ => ‘static_pages#about’
get ‘contact’ => ‘static_pages#contact’
get ‘signup’ => ‘users#new’
get ‘login’ => ‘sessions#new’
post ‘login’ => ‘sessions#create’
delete ‘logout’ => ‘sessions#destroy’
resources :users
resources :account_activations, only: [:edit]
resources :password_resets, only: [:new, :create, :edit, :update]

#5

Thank you Fred . I think I mistaken the ID here as the user table’s ID
attribute . I got the idea now . :slight_smile:

#6

Thank you Fred . I think I mistaken the ID here as the user table’s ID
attribute . I got the idea now . :slight_smile: