[dancer-users] route handler for a URL that matches a token
Andrew Solomon
andrew at geekuni.com
Thu Sep 17 10:44:14 BST 2015
Hi Richard,
[Without knowing the full state diagram of the site you're setting up I'm
not sure I'm really answering your question, however...]
What I can say is that when you send someone an email with a link to click,
the corresponding GET route handler should *not* be assuming there's a
session for that user since the web server's session cache may have been
cleared before they respond to the email.
If you want the token attached to the user so that when they click on the
link you know who's visiting, you should store the token in your database
against the user's account.
Does that answer your question?
Andrew
On Thu, Sep 17, 2015 at 1:16 AM, Richard Reina <gatorreina at gmail.com> wrote:
>
> 2015-09-16 16:46 GMT-05:00 Andrew Solomon <andrew at geekuni.com>:
>
>> Hi Richard
>>
>> Firstly with the GET request when you click on this
>>
>> http://myapp.com/reset/JiOk49ld9oekdisJkflSS3ed
>> <http://myapp.com/resetJiOk49ld9oekdisJkflSS3ed>
>>
>> your route handler will be something like this (note ':' instead of '$'):
>>
>> get '/reset/:token' => sub {
>>
>> return template 'pass_reset' => {
>> token => params->{token}
>> };
>>
>> };
>>
>> This template views/pass_reset.tt will contain something like
>>
>> <form action="/reset/[% token %]" method="post">
>> <input type="password" name="password1"><br/>
>> <input type="password" name="password2"><br/>
>> <input type="submit" value="Submit">
>> </form>
>>
>>
>> and back in the controller on clicking submit, it will be handled by
>>
>> post '/reset/:token' => sub {
>>
>> # do something to check params->{password1} eq params->{password2} ...
>>
>> };
>>
>>
>> (Please imagine the code above is scribbled on a blackboard - I haven't
>> run it:)
>>
>> Andrew
>>
>>
> Hi Andrew,
>
> Thank you for the reply. For the value of token in the url '/reset/:token'
> do I first set the value of token with
>
> my $token = get_token(); # subroutine that returns generated token
>
> session username => $token;
>
> so that it matches the urlJiOk49ld9oekdisJkflSS3ed
> <http://myapp.com/resetJiOk49ld9oekdisJkflSS3ed> link that was sent to
> the user in the email?
>
>
> _______________________________________________
> dancer-users mailing list
> dancer-users at dancer.pm
> http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
>
>
--
Andrew Solomon
Mentor at Geekuni http://geekuni.com/
http://www.linkedin.com/in/asolomon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.preshweb.co.uk/pipermail/dancer-users/attachments/20150917/6699bcb2/attachment.html>
More information about the dancer-users
mailing list