生成一个可以在注销电子邮件中使用的 URL
所以我有一项服务可以让你报名参加活动。当您注册时,您会收到一封电子邮件,其中包含您可以在其中退出活动的网址。 url 的给定参数应该是任何人都猜不到的。
我想到过 UID,但这不是人类可读的。我也想过哈希,但我不知道是否要使用它。
顺便提一句;我正在用 java 来做这件事,以防你知道一些漂亮的工具。
有什么建议吗?
So I have a service where you sign up for events. When you sign up, you get an email with an url where you can sign off the event. The given parameter of the url should be something that not anyone can guess.
I've thought of UID, but that just isn't human readable. I also thought of hashing, but I don't know if I want to use that.
btw; I'm doing this in java, in case you know of some nifty tools.
Any suggestions?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如果您在电子邮件中发送网址,它真的需要人类可读吗?验证电子邮件包含随机字符串的情况并不罕见。
您始终可以用 HTML 编写电子邮件:
并且随机位将对用户隐藏。当然,这可能会触发垃圾邮件过滤器,因此您需要小心一点。
编辑:顺便说一句,您可能想使用 GUID,因为该数字只能使用一次。如果您愿意,您可以对某些内容进行哈希处理,但是每当您处理随机数(使用过一次的数字)时,随机就是您的朋友。
If you are sending a url inside an email does it really need to be human readable? It's not uncommon for verification emails to contain a random string.
You can always write the email in HTML:
and the random bit will be hidden from the user. Of course, this might trigger spam filters so you'll need to be a bit careful.
EDIT: By the way, you probably want to use a GUID since the number should only be used once. You can hash something if you like, but whenever you are dealing with a nonce (number used once) then random is your friend.