Unique URLs for authentication

Darren, a good design pattern that is useful for lots of models if
you're aiming for RESTfulness is to add a before_filter to your
controller. So, if I understood your question correctly:

class UsersController < ApplicationController
  before_filter :retrieve_user

  # Executed before every request if processed
  def retrieve_user
    @user = User.find(params[:id])

  def confirm
    if @user.full_name == params[:full_name]
       head :ok
       head :bad_request

Cheers, --Kip

Darren Jeacocke wrote:

Should have explained a little further, just in case.

> This doesn't work because it doesn't parse one, then the other...

> if @user = User.find(params[:id]) && @user.full_name ==
> params[:full_name]

Ruby will check the predicated of an 'if' statement in the order you
type them
and will therefore work as you expect. Except.....

A Model.find(id) will raise an exception if the id isn't found. This
will, by default,
cause Rails to send your 404 page (not found) which is pretty cool
Because you don't have to get fussed about worry about the case where
the id
is not found in your app logic.

Thats why the before_filter I suggested works too. Your controller
code will only every get executed if the User.find(id) is successful
and you
just use the info retriieved.

Lastly, the pattern of /:controller/:id/:action is very common (and
RESTful resources work. Which means your before filter is going to be
as useful for your CRUD actions as well.

Cheers, --Kip