I’m making a simple blog in which I will be the sole poster, and

Question

0

Asked: June 14, 20262026-06-14T08:23:22+00:00 2026-06-14T08:23:22+00:00

I’m making a simple blog in which I will be the sole poster, and

0

I’m making a simple blog in which I will be the sole poster, and would like to make a simple but secure system of authentication/authorization for posting blog entries.
In this case, authentication and authorization will be the same, and I’m not sure if it’s necessary to have a separate authentication model.

It seems to me the simplest way would be to just include my password in the url to my “new_post” page, by routing the following way in routes.rb

match '/my_password_here, to: 'Post#new'

Is this somehow a bad idea? If so please let me know why.

I’m still new to programming, and am learning the ropes on security-related issues. While I don’t plan to be actively targeted by anyone, I’d imagine getting one’s blog hacked is bad for business.

Thanks in advance for your input!

Edit: to clarify, I currently have just one model, Post.rb, and two controllers posts_controller.rb and static_pages_controller.rb.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-14T08:23:23+00:00

Editorial Team

2026-06-14T08:23:23+00:00Added an answer on June 14, 2026 at 8:23 am

I think it’s a (very) bad idea, because everyone can see your password by looking at the URL. Besides it will be in the browser’s history. I recommend using HTTP basic authentication like this:

class PostsController < ApplicationController
  http_basic_authenticate_with :name => "my_username", :password => "my_password", :except => [:index, :show]
end

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m making a simple blog in which I will be the sole poster, and

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply