Thanks for the advice, phillc. I ended up doing this in the view. As you mention, one of the reasons is that when the invite is used (user clicks the link), I mark the invite as being completed. I don't need to recalculate the hash at that point.
I'm basically just using it as an ID for that row which is not incremental and therefore tougher to just type in. That way, I can use it in the URL with at least a small degree of obscurity (enough for my needs anway). Thanks to all for the advice and experience. /alex On Mon, Apr 7, 2008 at 9:57 AM, phillc <[EMAIL PROTECTED]> wrote: > > ive implemented a hash in the save method, and ive implemented in the > model default=(hash function), and ive done it in my view. > > they all worked fine, just remember if you override save, if you have > any data that goes along with the invite and edit it, the hash will be > created again unless you write something for it > > (example: your invite table has name email and hash, you send invite > out and they get the hash, you later edit that person's name and the > hash is re-made making their previous invite invalid) > > On Apr 6, 6:38 pm, "Alex Ezell" <[EMAIL PROTECTED]> wrote: > > On Sun, Apr 6, 2008 at 1:38 PM, [EMAIL PROTECTED] > > > > > > <[EMAIL PROTECTED]> wrote: > > > > > The way I would handle it is in the save method of the invitation > > > model I would do: > > > def save(self, *args, **kwargs): > > > if not self.pk: > > > #This is a new invite, we need to generate the code > > > self.hash = do_something_to_generate_the_hash > > > super(Invite, self).save(*args, **kwargs) > > > > Thanks Alex! > > > > Overriding the save had occurred to me. I wasn't sure if there was > > something more built-in. I'm still not sure that my plan is the best > > way. I'm always wary of sending emails from the system to addresses > > which people have not knowingly provided. > > > > /alex > > > > > > > > > On Apr 6, 1:31 pm, "Alex Ezell" <[EMAIL PROTECTED]> wrote: > > > > My use case is that I need to send invites via email to people. These > > > > are not site users, but are people being invited to join the site (and > > > > a particular group on this site) by current users. So, I can't ask > > > > them to login, because I have no data about them. > > > > > > They would then click the link in the email and the site would use the > > > > random hash value in the url to look up the invite and then do > > > > whatever else it needs to do for that type of invitation. > > > > > > I'm doing this so that there is at least a modicum of protection from > > > > someone just incrementing the values in the URL to mess with the > > > > invite system. It, by no means, needs to be "secure" which this method > > > > would clearly not be. > > > > > > Think of the model of a member of a Facebook group entering a friend's > > > > email and inviting them to join the group. But that friend may or may > > > > not be a user of the site. > > > > > > My question is: What's the best way to create this random hash when > > > > the invitation is saved? Can I do it with some default in the model? > > > > > > I'd also welcome any perspective on handling this use case better. > > > > I've only just begun thinking through it. > > > > > > Thanks! > > > > > > Alex > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
