How to construct unsubscribe link?

Hello. In my app I send emails to tell that the user has certificate and I want to put a link - Unsubscribe. I don’t know how to construct this link so that there won’t be users that unsubscribe other users. I mean I want to make that is safe. I look in the web for how these unsubscribe links are made but I couldn’t find anything. Can someone help me? Thanks in advance

You should look at Devise gem Token Authenticatable solution as example.

You just add “?auth_token=#{@user.auth_token}” to your unsubsribe url.

Thanks for the quick response :slight_smile:

22 юли 2012, неделя, 15:14:13 UTC+3, Андрей Большов написа:

Andrei’s solution works because with Device gem the User#auth_token is randomly generated and unique per your app. It would be extremely hard to brute-force it, that’s why it’s safe; though it would be a good idea to make sure you deny 4th or whichever unsuccessful try to use the same action in the same context (i.e. relating to the same user; similarly to that when you get your account locked if you enter PIN 3 times unsuccessfully) if you are expecting to be brute-forced or simply have higher security level required by the client or yourself.

The basic principle could be seen put into practice all over the security-related fields: make it harder to brute force it than the data that the “offender” tries to get hold of is worth.

Thanks I was looking exactly for answer like yours - Andrei’s answer is cool and I only needed more theory on these unsubscribe links. Thanks Dihital :slight_smile:

22 юли 2012, неделя, 17:41:54 UTC+3, Dihital написа:

Sure! Glad to have helped somewhat. It’s a perception thing (at least it is for me). I mean a string of 10 symbols of hexadecimal characters (0-through-f) could have 16^10 outcomes (= over 1 trillion = 100 billions). So just a single random guess (like buying lottery ticket) would give you a 1 in / 1110 000 000 chance to hit it.

Most random ID generators (or however they are called) uses 20 or 22 symbols. So the chance to “guess it” goes to “insanely unlikely”.

I just want to make it explicit, that I’ve made quite a few errors in numbers because of poor editing. Still it stays at billions even for a 10-character hexadicamal (gmail says to put ‘sp’ here ;)). I myself realized the unlikeliness of a conflict by using GIT. I mean if GIT is good enough for keeping thousands of revisions by this system, then the system is fine, but as I said you could always take extra precautions, the degree of those depending on your needs: I mean you could make an app that requires each step to be confirmed by an administrator… I think you see where I am going with this: it’s either pure math or you monitoring stuff personally for an extra 0.000001% better. I’d turn to math and statistics in such a case that you described.

BTW is anyone disagreeing with me? I hope so, then please write to this thread so we can come to an optimal solution (or as close as we could get to it in a general case we are talking about).