I’m currently building an invite model that sends out email invitations with a link.

Question

0

Asked: June 3, 20262026-06-03T03:54:49+00:00 2026-06-03T03:54:49+00:00

I’m currently building an invite model that sends out email invitations with a link.

0

I’m currently building an invite model that sends out email invitations with a link. The links are ‘secured’ with a sha1 hash. However, the controller fails to verify the hash and I can’t figure out why…

Generated links look like

/projects/1/invitations/12?hash=c043b70c359a85e20cd9933c9cd37ef3f8943d7b

and the controller tries to verify them with

def show
    @invitation = Invitation.find(params[:id])
    if @invitation.hash.to_s != params[:hash].to_s
       redirect_to root_url
       ....

The string comparison fails every time. I’ve triple checked, but the strings seem perfectly identical.

EDIT: Some debugging information

logger.debug params
logger.debug @invitation.hash

results in the following output in the development.log

{"hash"=>"c043b70c359a85e20cd9933c9cd37ef3f8943d7b", "action"=>"show",
controller"=>"invitations", "project_id"=>"1", "id"=>"12"}
c043b70c359a85e20cd9933c9cd37ef3f8943d7b

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-03T03:54:50+00:00

Editorial Team

2026-06-03T03:54:50+00:00Added an answer on June 3, 2026 at 3:54 am

See if @invitation.hash is not actually calling Object#hash.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m currently building an invite model that sends out email invitations with a link.

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply