2

I have a rails 3 app that is currently using Devise for authentication. I would like to send an email to users from time to time that would contain a link. When they click the link they would...

  1. bypass the login page
  2. go directly to the page i'm directing them to
  3. and authenticate in the process

I tried several Google searches that would shed some light but came up empty. I am interested in the how to's, the risks and how to make it as secure as possible.

Also, are there any other Tags that would be relevant to this question?

Thanks!

Jay
  • 6,206
  • 11
  • 48
  • 82

2 Answers2

2

I think you're really looking for token authentication.

Take a look at this blog (deleted) which is linked to from the devise wiki here.

It's a bit of a weird example in that UI given is for a user to generate a login link for themselves. Still - it presents the correct approach to login-using-a-link.

Sabar
  • 478
  • 2
  • 20
cailinanne
  • 8,332
  • 5
  • 41
  • 49
1

Update: Token Authentication has been removed from Devise. This gist and this Stack Overflow post address the issue.

Community
  • 1
  • 1
Sabar
  • 478
  • 2
  • 20