22
votes

I am using the devise gem for authentication.

In my application the admin will create the users, so I want the user's reset password link when the admin creates users.

This is my action:

def create
  @user = User.new(user_params)
  @user.password = '123123123'
  @user.password_confirmation = '123123123'
  if @user.save
    @user.update_attributes(:confirmation_token => nil, :confirmed_at => Time.now, :reset_password_token => (0...16).map{(65+rand(26)).chr}.join, :reset_password_sent_at => Time.now)
    UserMailer.user_link(@user).deliver
    redirect_to users_path
  else
    render :action => "new"
  end
end

This is my link to reset a user's password

But I am getting "reset password token is invalid" when I open the link and update the password.

4 Answers

48
votes

If you are using devise why are you creating your own password reset token? Devise has a feature for that. http://rubydoc.info/github/plataformatec/devise/master/Devise/Models/Recoverable

In case you wonder, this is what devise does when the user wants to reset his password:

  raw, enc = Devise.token_generator.generate(self.class, :reset_password_token)

  self.reset_password_token   = enc
  self.reset_password_sent_at = Time.now.utc
  self.save(validate: false)

self is a User object here.

In your URL you then have to pass raw as the reset_password_token parameter.
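Added example, not part of the answer above and not Devise's own code: a simplified Ruby model of the raw/digest token scheme the answer describes, showing why storing and e-mailing the same plain string, as the action in the question does, ends in "reset password token is invalid". The key, the in-memory users hash, the helper names and the 6-hour lifetime are assumptions made for the demo.

```ruby
require "openssl"
require "securerandom"

# Constructed demo key; stands in for a secret derived from the app's secret key.
TOKEN_KEY = "constructed-demo-key"

# Keyed digest of a raw token. Only this value is stored server-side.
def digest_token(raw)
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("SHA256"), TOKEN_KEY, raw.to_s)
end

# Returns [raw, digest]: raw goes into the e-mailed link, digest into the database.
def generate_token
  raw = SecureRandom.urlsafe_base64(15)
  [raw, digest_token(raw)]
end

# Hypothetical helper: store the digest and timestamp on a user row, return raw.
def issue_reset(users, id, now: Time.now.utc)
  raw, digest = generate_token
  users[id] = { token: digest, sent_at: now }
  raw
end

# Lookup as done when the link is opened: digest the URL parameter, then match
# it against the stored column and check the (assumed) 6-hour lifetime.
def find_by_reset_token(users, raw_from_url, now: Time.now.utc, ttl: 6 * 3600)
  wanted = digest_token(raw_from_url)
  id, row = users.find { |_id, r| r[:token] == wanted }
  return nil if id.nil? || now - row[:sent_at] > ttl
  id
end

if __FILE__ == $PROGRAM_NAME
  now = Time.now.utc
  users = {}
  # Pattern from the question: the same plain string is stored and e-mailed,
  # so the digest computed at lookup time never equals the stored column.
  users[1] = { token: "ABCDEFGHIJKLMNOP", sent_at: now } # constructed value
  p find_by_reset_token(users, "ABCDEFGHIJKLMNOP", now: now)
  # Digest stored, raw value e-mailed: the lookup finds the user.
  raw = issue_reset(users, 2, now: now)
  p find_by_reset_token(users, raw, now: now)
  # Same link opened after the lifetime has passed: rejected.
  p find_by_reset_token(users, raw, now: now + 7 * 3600)
end
```

Because only the digest is stored, a read of the users table does not yield a usable reset link.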

18
votes

You can generate a token with:

# generate returns the raw token and its hashed form
raw_token, hashed_token = Devise.token_generator.generate(User, :reset_password_token)

Though this is just a useless string by itself. You need to attach it to the user if you actually want to use it in a link to reset passwords:

user.reset_password_token = hashed_token
user.reset_password_sent_at = Time.now.utc

Then send them an email with the link:

edit_password_url(@user, reset_password_token: @token)

16
votes

If you don't want it to send the instructions and just want to set and store the token, you can call the private method set_reset_password_token in the devise recoverable concern.

You can do this by doing something like user.send(:set_reset_password_token).

15
votes

You can use user.send_reset_password_instructions for that.