Unique URLs for authentication


#1

I’ve set up a route like this

map.connect ‘confirm/:id/:full_name/’, :controller => “users”, :action
=> “confirm”

and I’m wondering what is the best way to verify in the confirm method.

full_name created in the model and it’s not in the database.

This doesn’t work because it doesn’t parse one, then the other…

if @user = User.find(params[:id]) && @user.full_name ==
params[:full_name]

cool

else

bad

end

I want to do it the nice way, it doesn’t seem right to nest a whole heap
of if statements. If you can help me out it’d be awesome, cheers!


#2

Darren, a good design pattern that is useful for lots of models if
you’re aiming for RESTfulness is to add a before_filter to your
controller. So, if I understood your question correctly:

class UsersController < ApplicationController
before_filter :retrieve_user

Executed before every request if processed

def retrieve_user
@user = User.find(params[:id])
end

def confirm
if @user.full_name == params[:full_name]
head :ok
else
head :bad_request
end
end
end

Cheers, --Kip


#3

Should have explained a little further, just in case.

This doesn’t work because it doesn’t parse one, then the other…

if @user = User.find(params[:id]) && @user.full_name ==
params[:full_name]

Ruby will check the predicated of an ‘if’ statement in the order you
type them
and will therefore work as you expect. Except…

A Model.find(id) will raise an exception if the id isn’t found. This
will, by default,
cause Rails to send your 404 page (not found) which is pretty cool
really.
Because you don’t have to get fussed about worry about the case where
the id
is not found in your app logic.

Thats why the before_filter I suggested works too. Your controller
action
code will only every get executed if the User.find(id) is successful
and you
just use the info retriieved.

Lastly, the pattern of /:controller/:id/:action is very common (and
how
RESTful resources work. Which means your before filter is going to be
just
as useful for your CRUD actions as well.

Cheers, --Kip


#4

Awesome, thanks buddy. I’m still learning ‘the rails way’. Good
solution.