tags:

views:

14

answers:

1
Q: 

This is my OAuth and TripIt controller. Is this sane?

I am working on integrating the TripIt API into a project of mine. I'm new to OAuth so I'm learning this as I go. The following controller seems to be working. However, I want to make sure I'm not leaving any glaring security holes or just being stupid.

What do you guys/gals think?

If anyone had a better example, I would certainly study it as well.

Thanks for any pointers or suggestions.

http://gist.github.com/648227

A: 

Some tips:

  • Don't require libs in methods; Add them to the top of the file, or include them in your config/environment.rb. That makes it easier to check what you include/require in your project.
  • Add comments with how each methods is called and what it's supposed to do.
  • You might want to consider (although not necessary) to move the actual 'oauth logic' to a special model, but the code relatively short, so it's okay in this case.

Otherwise this controller looks pretty good. Good use of before_filters and private methods.

Ariejan  2010-10-27 11:46:03
At a later stage you may want to store your API info in another place than your controller. Using a gem like Settingslogic can make your life very easy.
Ariejan  2010-10-27 11:47:00
Thanks for the suggestions. I have cleaned it up a little. Still need to add better comments. I normally do. :-) Here is the new version: http://gist.github.com/649915
cbmeeks  2010-10-28 15:12:50

related questions

Is there a rake task for backing up the data in your database?
How to represent cross-model information in MVC?
WYSIWYG editor gem for Rails?
Best Solution For Authentication in Ruby on Rails
Acts-as-readable Rails plugin Issue
Associating source and search keywords with account creation
Any tips on getting Rails to run with an Access back-end?
Being as DRY as possible in a Ruby on Rails App
How Do You Secure database.yml?
What IDE to use for developing in Ruby on Rails on windows?
Is Ruby On Rails ready for the Enterprise?
OpenID authentication in Ruby on Rails
Why Doesn't My Cron Job Work Properly?
Why does sqlite3-ruby-1.2.2 not work on OS X?
Ruby mixins and calling super methods
Why all the Active Record hate?
Haml: how do I set a dymanic class value?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Ruby On Rails with Windows Vista - Best Setup?
What is good forum software to add to an existing Rails application?
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.