Best way to create unique token in Rails

Question

Here s what I m using  The token doesn t necessarily have to be heard to guess  it s more like a short url identifier than anything else  and I want to keep it short  I ve followed some examples I ve found online and in the event of a collision  I think the code below will recreate the token  but I m not real sure  I m curious to see better suggestions  though  as this feels a little rough around the edges   def self create token     random number   SecureRandom hex 3       1X  random number        while Tracker find by token  1X  random number       nil       random number   SecureRandom hex 3         1X  random number       end      1X  random number     end   My database column for the token is a unique index and I m also using validates uniqueness of  token on the model  but because these are created in batches automatically based on a user s actions in the app  they place an order and buy the tokens  essentially   it s not feasible to have the app throw an error   I could also  I guess  to reduce the chance of collisions  append another string at the end  something generated based on the time or something like that  but I don t want the token to get too long

User · Answer

To create a proper  mysql  varchar 32 GUID  SecureRandom uuid gsub  -      upcase

User · Answer

you can user has secure token https   github com robertomiranda has secure token  is really simple to use  class User   has secure token  token1   token2 end  user   User create user token1   gt   44539a6a59835a4ee9d7b112b48cd76e  user token2   gt   226dd46af6be78953bde1641622497a8

User · Answer

If you want something that will be unique you can use something like this   string    Digest  MD5 hexdigest    ActiveSupport  SecureRandom hex 10  -  DateTime now to s      however this will generate string of 32 characters   There is however other way   require  base64   def after create update attributes   token   gt  Base64  encode64 id to s   end   for example for id like 10000  generated token would be like  MTAwMDA    and you can easily decode it for id  just make  Base64  decode64 string

User · Answer

This may be helpful    SecureRandom base64 15  tr         0aZ     If you want to remove any special character than put in first argument       and any character put in second argument  0aZ  and 15 is the length here    And if you want to remove the extra spaces and new line character than add the things like    SecureRandom base64 15  tr         0aZ   strip delete   n     Hope this will help to anybody

User · Answer

This might be a late response but in order to avoid using a loop you can also call the method recursively  It looks and feels slightly cleaner to me   class ModelName  lt  ActiveRecord  Base    before create  generate token    protected    def generate token     self token   SecureRandom urlsafe base64     generate token if ModelName exists  token  self token    end  end

User · Answer

-- Update --  As of January 9th  2015  the solution is now implemented in Rails 5 ActiveRecord s secure token implementation    -- Rails 4  amp  3 --  Just for future reference  creating safe random token and ensuring it s uniqueness for the model  when using Ruby 1 9 and ActiveRecord    class ModelName  lt  ActiveRecord  Base    before create  generate token    protected    def generate token     self token   loop do       random token   SecureRandom urlsafe base64 nil  false        break random token unless ModelName exists  token  random token      end   end  end   Edit    kain suggested  and I agreed  to replace begin   end  while with loop do   break unless   end in this answer because previous implementation might get removed in the future   Edit 2   With Rails 4 and concerns  I would recommend moving this to concern     app models model name rb class ModelName  lt  ActiveRecord  Base   include Tokenable end    app models concerns tokenable rb module Tokenable   extend ActiveSupport  Concern    included do     before create  generate token   end    protected    def generate token     self token   loop do       random token   SecureRandom urlsafe base64 nil  false        break random token unless self class exists  token  random token      end   end end

User · Answer

There are some pretty slick ways of doing this demonstrated in this article   https   web archive org web 20121026000606 http   blog logeek fr 2009 7 2 creating-small-unique-tokens-in-ruby  My favorite listed is this   rand 36  8  to s 36    gt   uur0cj2h

User · Answer

def generate token     self token   Digest  SHA1 hexdigest  --   BCrypt  Engine generate salt  --   end

User · Answer

Ryan Bates uses a nice little bit of code in his Railscast on beta invitations  This produces a 40 character alphanumeric string   Digest  SHA1 hexdigest  Time now  rand  join

User · Answer

I think token should be handled just like password  As such  they should be encrypted in DB   I n doing something like this to generate a unique new token for a model   key   ActiveSupport  KeyGenerator                  new Devise secret key                   generate key  put some random or the name of the key    loop do   raw   SecureRandom urlsafe base64 nil  false    enc   OpenSSL  HMAC hexdigest  SHA256   key  raw     break  raw  enc  unless Model exist  token  enc  end

User · Answer

Try this way   As of Ruby 1 9  uuid generation is built-in  Use the SecureRandom uuid function  Generating Guids in Ruby  This was helpful for me

[ruby-on-rails] Best way to create unique token in Rails?

Examples related to ruby-on-rails

Examples related to ruby-on-rails-3

Examples related to random

Examples related to guid