How can i hide the params in browser url?

[Sunil Kumar]

Hello,

How can i hide the params in browser url. I read many blogs and suggestions.

They suggested me to use to_params friendlyid gem.

Example.

I have a user table and have multiple records with the same name.

If i fire get request using localhost:3000/users?name=abc

Then how can i make name as identification work as id. Because name can be same.

Thanks

Sunil

[Scott Ribe]

On Jul 6, 2015, at 7:29 AM, Sunil Kumar <snlku...@gmail.com> wrote:
>
> Then how can i make name as identification work as id. Because name can be same.

Unless I'm misreading, your request is self-contradictory. If you want to request a specific record, then the URL must identify that record uniquely, period. (Well, you could use a POST, and that would take the unique id out of the URL, but I don't think that's what you want.) Simply put, asking "how can I make sure that /users?name=smith accesses the correct smith without distinguishing in the URL which smith" just doesn't make sense.

(I suppose that if the name were unique per logged-in user, you could use something from the session to search for smith per user, but it doesn't seem like that's what you're asking either.)

--
Scott Ribe
scott...@elevated-dev.com
http://www.elevated-dev.com/
https://www.linkedin.com/in/scottribe/
(303) 722-0567 voice

[Elizabeth McGurty]

Scott is so right as this being contradictory.  You are trying to seek a specific user  where uniqueness of that user is not established.  Mathematically you need some transitional element.  You simply need to gather another identifying aspect of your user.  Thereafter, you can encrypt data ( username and other_element) served, the same way you are likely encrypting your user password.
Liz

[Walter Lee Davis]

On Jul 6, 2015, at 2:18 PM, Elizabeth McGurty <emcg...@gmail.com> wrote:

> Scott is so right as this being contradictory. You are trying to seek a specific user where uniqueness of that user is not established. Mathematically you need some transitional element. You simply need to gather another identifying aspect of your user. Thereafter, you can encrypt data ( username and other_element) served, the same way you are likely encrypting your user password.
> Liz
>
> On Monday, July 6, 2015 at 9:29:07 AM UTC-4, Sunil Kumar wrote:
> Hello,
> How can i hide the params in browser url. I read many blogs and suggestions.
>
> They suggested me to use to_params friendlyid gem.

These are both good suggestions (to_param in your model, or the FriendlyId gem included in your model).

FriendlyId is the much more robust solution, and the readme on the GitHub page is pretty clear about how to add it to a working application. You'll need a migration and a bit of configuration in your model, and you need to change ModelName.find to ModelName.friendly.find wherever you are using a bare find method. But once that's done, you should be able to use whatever attribute you like as the seed of your "slug", which will replace the :id segment of your URLs. users/24 will become users/fred-rogers or whatever you can dream up.

Using to_param makes the same sort of sense, but it would require more work on your part. Every time I set out to do that because "it's too much work to get FriendlyId working", I find all sorts of edge cases that I didn't think through, and I end up ripping out the home-grown thing and using FF anyway.

But if you're curious, you can add a method in your model named to_param, and have it return any parameter you like:

before_save :update_slug

def to_param
slug
end

private

update_slug
self.slug = "#{first_name}-#{last_name}.downcase
end


Of course, then you have to ensure that first_name-last_name is globally unique, which it probably isn't. FriendlyId thinks of that, and will add serial numbers to the end of the slug to disambiguate.

And having done that, you need to change your ModelName.find methods to ModelName.find_by!(slug: params[:id]) (don't forget the ! after the method, or you won't get a 404 when the URL isn't correct).

Walter

>
> Example.
>
> I have a user table and have multiple records with the same name.
>
> If i fire get request using localhost:3000/users?name=abc
>
> Then how can i make name as identification work as id. Because name can be same.
>
>
> Thanks
> Sunil
>

> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-ta...@googlegroups.com.
> To post to this group, send email to rubyonra...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/a3f50628-d420-453d-8ce1-4ec3ec6d5c49%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.