I’m using rails 3 and devise. I would like to do build in the following work flow.
- Article is submitted on site that requires admin approval.
- Site sends the admin of the site an email with a link to the page where the admin can review edit and approve the article
I’ve got this implemented, however, if the admin is not currently logged into the site the admin is bounced back to the root path for not being authenticated.
Is there away that the link that that is sent in the email can act as an authentication for the specific admin?
You want to look into token authentication for devise. This allows you to use a one time key to authorize user access through a URL parameter.
See more information here. http://zyphmartin.com/blog/simple-auth-token-example-with-devise
Also you could simply create a authentication token per resource and store the authentication value in the database. When you go to the approve URL for the resource pass in the resource id and the authentication token. This would be more secure than logging the user in as administrator.
If you need more help let me know.