Hello all,
I was wondering if anyone has had experience of users registering to your application and you send an email to the address they provided and they have to click it to complete registration. Standard stuff but how best to do it?
What should I put in the query string of the link I send?
The session id? I cold always take that from the cookie.
An encrypted version of the session id?
Or something else.
How have you tackled this?
I look forward to your replies.
CIA
-Ants
Hello all,
I was wondering if anyone has had experience of users registering to your application and you send an email to the address they provided and they have to click it to complete registration. Standard stuff but how best to do it?
What should I put in the query string of the link I send?
The session id? I cold always take that from the cookie. An encrypted version of the session id? Or something else.
Authlogic has the concept of a perishable token. http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic/ shows how to use this to do password resets, which from this point of view is practically the same as what you're trying to: the important bit is that users can login via something other than their password, which is sent by email. Even if you're not using authlogic you may be able to draw some inspiration from it
Fred
That’s precisely what I needed and it’s done!! Thanks very much.
-ants
Keep up to date with Rails on Twitter and This Week in Rails
Policies: Conduct, License, Maintenance, Security, Trademarks