如何生成链接以取消订阅电子邮件 [英] how to generate link for unsubscribing from email
问题描述
我有一个简单的rails应用程序,用户可以向10多人发送大量电子邮件。在这封电子邮件中,我希望在底部始终有一个链接,最终用户可以点击链接取消订阅通知。我没有太多的想法应该如何解决这个问题。
I have a simple rails app where user can send a mass email to 10+ people. In this email I'd like to always have a link at the bottom which the end user can click to unsubscribe himself from the notifications. I don't have much idea how I should tackle this.
电子邮件中只能有一个通用链接,用户点击然后输入他们的电子邮件地址取消订阅?但是问题在于其他一些用户可以取消订阅其他用户。
can there be just a generic link in the email which users click then enter their email address to unsubscribe themselves? But problem with this is that some other user could unsubscribe someone else.
我想为每个电子邮件生成一个特定的唯一链接,以便用户单击它时,它会自动从列表中删除该用户,而不是用户不得不做一些额外的工作。
I would like to generate a specific unique link for each email so that when user clicks it, it automatically removes that user from the list rather than user having to do some extra work.
为了实现这一点,我应该从哪里开始?
Where should I start in order to implement this?
推荐答案
您的取消订阅链接可能如下所示: http:// host / application / unsubscribe?address=example@example.com& token = 598bbdf39bc8f27b07fe85b6a7dd8decef641605
Your unsubscribe links could look like this: http://host/application/unsubscribe?address=example@example.com&token=598bbdf39bc8f27b07fe85b6a7dd8decef641605
使用电子邮件地址和魔术令牌生成令牌。理想情况下,您将使用HMAC与SHA256,但即使只是sha1应该够好:
Generate the token using the email address and a magic token. Ideally, you'd use HMAC with SHA256, but even just sha1 should be 'good enough':
$ echo "secret token example@example.com" | sha1sum
598bbdf39bc8f27b07fe85b6a7dd8decef641605 -
秘密令牌
部分将在您的应用程序中修复,并且 example@example.com
需要匹配电子邮件地址。
The secret token
portion would be fixed in your application, and the example@example.com
needs to match the email address.
当然,如果这个秘密令牌被揭露,你会回到任何人取消订阅每个人。您还可以在数据库中存储每个用户的魔术令牌,以验证URL中的令牌,这不会比这更困难,而且更安全。
Of course, if the secret token ever gets revealed, you're back to anyone unsubscribing everyone. You could also store per-user magic tokens in your database to validate the tokens in URLs, that wouldn't be much more difficult than this, and definitely much safer.
这篇关于如何生成链接以取消订阅电子邮件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!