Created
June 2, 2010 21:36
-
-
Save mcansky/423030 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
perishable tokens ? | |
I want to publish invoices after a product checkout. I don't want to send the invoice by email but rather give a link to the user in the email. The file itself is stored on aws s3. | |
By default AWS S3 generates perishable urls when the url method is used (http://amazon.rubyforge.org/) | |
The customers don't have accounts in the shop, they fill up a form every time they buy something on the shop. So they will not have access to a list of their past orders. | |
I'm thinking to use a Token model with something like id, and token attributes, with an attached controller. When the "invoice ready" email is prepared a token is generated (let's say a unique 8 digits string), associated with the invoice object, and a link to the app using that token (http://app/tokens/<token>) is inserted in the email. | |
Then when the customer follow that link the controller redirects to the a fresh S3 url that would perish few minutes later. | |
That way : the customer would still be able to retrieve his invoice even if already did, yet it would not be trivial to access the invoice either. or is it ? | |
my thinking seems a bit twisted and complicated to me, yet it sounds like it could work, no? some better, more railsfull way to do it ? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment