I don't know of any gems for protected links and I can imagine that it is hard to find a common denominator for such an individual feature.
However, here's how I would implement such a system. The basic idea is to substitute the id with a practically "unguessable" token.
1 - create an token column (index: true, unique: true) for the resource you want to protect
2 - In the model, add validations, generator, callback and override to_param
validates :token, presence: true
validates :token, uniqueness: true
before_validation :generate_token, on: :create
def generate_token
begin
self.token = SecureRandom.urlsafe_base64(64, false)
end while self.class.find_by(token: token)
end
def to_param
token
end
3 - Change the routes to use :token as url parameter
resources :things, param: :token
4 - Change the controller to find by token instead of id
@thing = Thing.find(params[:id]) # change this
@thing = Thing.find_by(token: params[:token]) # to this
Now, thing_url(@thing) will return a url you can safely share:
http://example.com/things/KSwdmTuDSVOGLTHtjK-RU78x7Bme_g-noTrNcovrtXioxPletLvNK35ia_F8CpIBtNDv-_xQ5bZ8uuv18msD4w
Of course, you need to replace thing and Thing with your model name, respectively.
