Unique URLs for authentication

Darren, a good design pattern that is useful for lots of models if you're aiming for RESTfulness is to add a before_filter to your controller. So, if I understood your question correctly:

class UsersController < ApplicationController   before_filter :retrieve_user

  # Executed before every request if processed   def retrieve_user     @user = User.find(params[:id])   end

  def confirm     if @user.full_name == params[:full_name]        head :ok     else        head :bad_request     end   end end

Cheers, --Kip

Darren Jeacocke wrote:

Should have explained a little further, just in case.

> This doesn't work because it doesn't parse one, then the other...

> if @user = User.find(params[:id]) && @user.full_name == > params[:full_name]

Ruby will check the predicated of an 'if' statement in the order you type them and will therefore work as you expect. Except.....

A Model.find(id) will raise an exception if the id isn't found. This will, by default, cause Rails to send your 404 page (not found) which is pretty cool really. Because you don't have to get fussed about worry about the case where the id is not found in your app logic.

Thats why the before_filter I suggested works too. Your controller action code will only every get executed if the User.find(id) is successful and you just use the info retriieved.

Lastly, the pattern of /:controller/:id/:action is very common (and how RESTful resources work. Which means your before filter is going to be just as useful for your CRUD actions as well.

Cheers, --Kip