consul/nairobi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add a username slug to the user URL

Browse Source 
This way it won't be possible to browse all user URLs by just going to
/users/1, /users/2, /users/3, ... and collect usernames, which might not
be desirable in some cases.

Note we could use the username as a URL parameter and just find the user
with `@user = User.find_by!(id: id, username: username)`, but since
usernames might contain strange characters, this might lead to
strange/ugly URLs.

Finally, note we're using `username.to_s` in order to cover the case
where the username is `nil` (as is the case with erased users).
This commit is contained in:
Javi Martín
2023-11-28 17:49:02 +01:00
parent 2db807baa7
commit 77c043b68a
5 changed files with 123 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/models/user.rb
View File

@@ -433,6 +433,14 @@ class User < ApplicationRecord
(Tenant.current_secrets.dig(:security, :lockable, :unlock_in) || 1).to_f.hours
end
def to_param
"#{id}-#{slug}"
end
def slug
username.to_s.parameterize
end
private
def clean_document_number