Thanks for the response. I am using restful_authentication and have the login required process as Thorsten described.
What I wanted to do is allow a user to send a message to another user. In the mailer I want to call a method to append a token to that url that is specific to the user who will receive the email. When the user follows the link, i do a login_from_token and delete the token. Thus the token is a one time auto-login for a specific user with no extra effort for the user sending the message and allowing the user following the link to skip the login page. I am going with the remember-me cookie method, but I am still curious if there is a problem with what I want to do. I'm assuming private email is a secure way of sending the receiving user a link that would allow them auto-login. I dont use remember me cookies - i grew up in a family where we shared a pc so I just never got in the habbit and login in everywhere just seems a PITA. My email is pasword protected so it should be enough proof that I am who I am. The fact that the token only works once would also minimize the risk that a user sends the link to someone else allowing them to access their account. I dont want to waste anyone's time. I am going with remember me, but if someone is interested from an academic perspective I would enjoy their input. Thanks for the feedback. Ivor On Thu, Oct 16, 2008 at 11:27 AM, Chris Bartlett <[EMAIL PROTECTED] > wrote: > > I agree with Thorsten and suggest you look at the Restful > Authentication plugin to see how to implement this. > > On Oct 16, 6:46 am, Thorsten Müller <[EMAIL PROTECTED]> wrote: > > I would simply store the request uri in the session, > > redirect the user to the login page and after successful > > login redirect him to the requested page. > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
