在Rails应用程序混淆IDS [英] Obfuscating ids in Rails app
问题描述
我试图混淆所有离开服务器,即标识,出现在URL和在HTML输出标识。
I'm trying to obfuscate all the ids that leave the server, i.e., ids appearing in URLs and in the HTML output.
我写了一个简单的Base62 LIB具有方法EN code和德code。定义,甚至更好,覆盖一个ActiveRecord的标识方法返回的ID EN codeD版和调节控制器,用来加载德codeD资源 PARAMS [:ID]
给我想要的结果。该IDS现在base62连接codeD中的URL和响应显示正确的资源。
I've written a simple Base62 lib that has the methods encode and decode. Defining—or better—overwriting the id method of an ActiveRecord to return the encoded version of the id and adjusting the controller to load the resource with the decoded params[:id]
gives me the desired result. The ids now are base62 encoded in the urls and the response displays the correct resource.
现在我开始注意到,通过的has_many
的关系定义子资源不加载。例如我有一个名为用户
的的has_many
发表
的纪录。现在 User.find(1).posts
为空,虽然有与 USER_ID = 1
的帖子。我的解释是,ActiveRecord的必须比较 USER_ID
发表
与方式 <$的对C $ C> ID 用户
华征信我已经覆盖代替,用自[:ID]
。所以基本上这使得我的方法没用。
Now I started to notice that subresources defined through has_many
relationships aren't loading. e.g. I have a record called User
that has_many
Post
s. Now User.find(1).posts
is empty although there are posts with user_id = 1
. My explanation is that ActiveRecord must be comparing the user_id
of Post
with the method id
of User
—which I've overwritten—instead of comparing with self[:id]
. So basically this renders my approach useless.
我想有有点像其余的模型和定义 obfuscates_id
将被照顾的,也就是说,在做所有的编码/解码的合适的位置和preventing IDS由服务器返回。
What I would like to have is something like defining obfuscates_id
in the model and that the rest would be taken care of, i.e., doing all the encoding/decoding at the appropriate locations and preventing ids to be returned by the server.
是否有任何宝石可还是有人有线索如何做到这一点?我敢打赌,我不是第一个尝试这种。
Is there any gem available or does somebody have a hint how to accomplish this? I bet I'm not the first trying this.
推荐答案
你所描述听起来像一个URL塞一个专门的应用程序是什么。看看像acts_as_sluggable或friendly_id插件。也期待在覆盖to_param方法上的用户模型。
What you are describing sounds like a specialized application of a URL slug. Take a look at plugins like acts_as_sluggable or friendly_id. Also look at overriding the to_param method on your User model.
也许从这里开始:<一href="http://stackoverflow.com/questions/86558/best-permalinking-for-rails">http://stackoverflow.com/questions/86558/best-permalinking-for-rails
这篇关于在Rails应用程序混淆IDS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!