[Seaside] How to implement the classical email confirmationwithseaside

Boris Popov boris at deepcovelabs.com
Fri Apr 27 20:46:27 UTC 2007 

Or you could consider session expiration a free security feature
otherwise you may end up implementing one yourself to ensure old email
requests don't actually do anything after X period of time.

;)

-Boris

-- 
+1.604.689.0322
DeepCove Labs Ltd.
4th floor 595 Howe Street
Vancouver, Canada V6C 2T5
http://tinyurl.com/r7uw4

boris at deepcovelabs.com

CONFIDENTIALITY NOTICE

This email is intended only for the persons named in the message
header. Unless otherwise indicated, it contains information that is
private and confidential. If you have received it in error, please
notify the sender and delete the entire message including any
attachments.

Thank you.

> -----Original Message-----
> From: seaside-bounces at lists.squeakfoundation.org [mailto:seaside-
> bounces at lists.squeakfoundation.org] On Behalf Of Sebastian Sastre
> Sent: Friday, April 27, 2007 10:25 AM
> To: 'Seaside - general discussion'
> Subject: RE: [Seaside] How to implement the classical email
> confirmationwithseaside
> 
> > >     Any clue will be appreciated,
> > >
> > >     thank you,
> > >
> > Here's what I do:
> >
> > Mark your "change password request" objects with a unique Id (I use
> > UUID>>asString36).  Send an e-mail to the user with a URL
> > which contains
> > an ID encoded in its path.
> >
> > Create a root component and implement initialRequest:.  This
> > method gets
> > the WARequest instance as an argument.  From that you can get
> > the path
> > elements (I think I use "request nativeRequest pathParts last" to
get
> > the last one).  Now you have the id so you can pull the
> > change password
> > request object out of your database.
> >
> > David
> >
> Looks very good! This way, the sent link (unless one explicitely
implement
> it) don't has an expiration time. I'll give a try to this. Thank you
very
> much,
> 
> Sebastian
> 
> _______________________________________________
> Seaside mailing list
> Seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

More information about the seaside mailing list