Home/ Questions/Q 8463703
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T14:31:46+00:00

I want to set up a registration process in which the user initially requests

  • 0

I want to set up a registration process in which the user initially requests more information from the site and then subsequently receives an e-mail containing a link to the actual registration page. The link should be a randomly generated URL, and access to the registration page should be otherwise restricted. In other words, the registration page shouldn’t be accessible by manually typing a URL into the browser.

I would appreciate any advice on how best to implement these features.

I’m new to Rails, so I apologize in advance if this question is basic or if it has already been covered.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You need to store the random token in a database. Since you are sending it to an email address, you probably want to store the email as well so that you can add it to your User model when they register. Below are some of the relevant parts you can do (although you will need to fill in the gaps).

    Essentially, you need to generate the registration token, with RegistrationToken.new(:email => "their email address"), in a controller.

    This model implements the generation of the random token:

    class RegistrationToken < ActiveRecord::Base
  # the secret is just to make the random number generator more secure
  @@secret = 6345
  def initialize
    # info at http://www.ruby-doc.org/core-1.9.3/Random.html
    seed = Random.new().integer(1000000000) + @@secret
    token = Random.new(seed).integer(1000000000);
    # you might want to generate random numbers larger than 1 billion
    # for more security (maybe with 64 bit integers?)
  end
end

    and a migration for your database:

    class CreateRegistrationTokens
  def change
    create_table :products do |t|
      t.string :email
      t.integer :token
      t.timestamps
    end
  end
end

    Then you just need to setup your controller and view.

    For your registration controller, you just need something like:

    class RegistrationsController < ActiveRecord::Base
  def new
    @registration_token = RegistrationToken.find(params[:token]).first
    if @registration_token.nil?
      raise 'Invalid token' # or whatever you want, eg. redirect to a page
    end
    # otherwise render the registration form (can do implicit render)
  end
  def create
    @registration_token = RegistrationToken.find(params[:token]).first
    if @registration_token.nil?
      raise 'Invalid token' # or whatever you want, eg. redirect to a page
    end
    # otherwise create the user, eg.
    User.create(params[:user].merge(:email => @registration_token.email))
    @registration_token.destroy
  end
end

    The controller actions above essentially makes sure that they can only register if a matching token is found in the database.

    • 0