stackoom
  简体   繁体   中英

can i use ruby on rails get and post for the same method?

 原文  2012-07-18 15:28:19       ruby-on-rails/ ruby-on-rails-3/ http

Question

I'm new to web development in general and ruby on rails in specific. I'm working on developing a web interface where i'm using a 'Get' and 'Post' requests on the same method. When i use a get method and send parameters (like username and password), they are being visible in the url. Hence, below is what i did.

form1.html.erb 

<%= form_for :modify, :method => "post", :url => {:action => "method2"} do |f|%>
#code here to input username and password
<%=end%>

in my routes.rb i wrote the following routes to the method2: 

post 'controller/method2'
get 'controller/method2'

When i enter username and password and click on submit, it is finding the post 'method2' and executing the code in the controller, and displaying method2.html.erb as there is a get request for the same method and also there is a view for method2.

However, i suspect this is not the right way to do it. I do not want the password to be visible. I came to know that i have two options, store the password in a session or send a post request. I do not want to store in session as it is not safe. When i write a post method the page expires when the user tries to come back. To prevent either of these happening, i used the same action in controller as post and get and now i do not see any parameters visible in the url.

Please let me know if this is not the right way to do

2 answers

solution1
 3  2012-07-18 15:34:41

If you want a solid method for manipulating user & password, I recommend you go through the Ruby on Rails tutorial , it's an excellent tutorial and it will learn you the basics to start with Rails programming, including a safe username/password use.

Alternatively, you can use Devise , which is a very popular gem for this purpose.

I would not try to implement a secure user/password system without really knowing what you are doing...

solution2
 0 ACCPTED  2012-07-18 15:35:23

In your controller you should have this : 

render 'controller/method2'

And you should have a file in this path : 

app/views/controller/method2.html.erb

You don't need to have two routes.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How I use post method in Ruby on Rails Can I limit the method in Ruby on Rails is POST method only? How do I use method POST in Arduino IDE Ethernet Library, using Ruby on Rails API as post method? get and post method in controller. Ruby on Rails Can I use group_by method in ruby on rails by multi table? Is ruby going to get confused if I use variable and @variable in the same method? How can I get validation “ifs” to use parameters (Ruby on Rails) Can't use delete method on Ruby on rails How can I get the rails titlize method in a ruby script (non-rails)? Ruby on Rails using a POST method
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM