email verifier

Hi, we have a "verify email" email that goes to users when they sign up. As it is, when they click on the link back to the site, we find them by the activation code that is stored on the user and is in the url. The problem is, if they're not logged in, they have to log in before they can be activated. We use acts as authenticated for our authentication and we'd like the user to be automatically logged in if they come in through that link.

I'm not sure how to do that and haven't been able to find anything on it. Any thoughts?



If you are using the before_filter logged_in? then use the :except => [:method_you_want_to_exclude]. Then in the method, after you have verified that they are legit (or whatever you do), set session[:user] = to their id. That way, the next time they hit logged_in? it will find their id in the session and look them up, correctly setting @current_user. Just know that by excluding that one method, you are effectively removing authentication in it so you must do something manually to verify that they are legitimate. It's application specific obviously, but I assume something like verifying that the code they used is legit and matches a username or something. Anyway, this should get you started.


jg wrote: