2
votes

Running a Rails 4 app with Devise 3.2.3 and Devise Confirmable.

Devise generates a confirmation_token for a newly created user that is correctly stored in the database, and then sends out a mailer with confirmation instructions. The token sent out in the mailer is different than the confirmation_token stored in the db for security reasons, but the token sent out in the mailer is not resolving to the correct confirmation token for the user; therefore, the user is never confirmed.

Here is an example of what I am talking about:

The user in the database has the following confirmation_token attr set by Devise after being created:

beaa0ed7c9c2da72a99381ee705aa8ebd91672a5c18f5a44deeb43d0665080c4

and the following link is sent out in an email to the user:

http://localhost:3000/users/confirmation?confirmation_token=ZEagTsW1o1Ex_xGdQq7D

I have confirmed that the template for the mailer is using the new @token method instead of the old @resource.confirmation_token:

%p Welcome #{@email}!
%p You can confirm your account email through the link below:
%p= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token)

But when I hit the link that Devise sends out, the @token does not resolve to the correct confirmation_token attr on the user. From the logs:

Started GET "/users/confirmation?confirmation_token=ZEagTsW1o1Ex_xGdQq7D" for 127.0.0.1 at 2014-04-16 12:15:33 -0700
Processing by ConfirmationsController#show as HTML
  Parameters: {"confirmation_token"=>"ZEagTsW1o1Ex_xGdQq7D"}
  User Load (0.3ms)  SELECT `users`.* FROM `users` WHERE `users`.`confirmation_token` = 'd876b3a89e02512b7c8ff632f2d8ff33dbe57ccc4df50469ad99e456c45938f8' ORDER BY `users`.`id` ASC  LIMIT 1

As you can see, the @token sent out in the email resolved to d876b3a89e02512b7c8ff632f2d8ff33dbe57ccc4df50469ad99e456c45938f8 instead of beaa0ed7c9c2da72a99381ee705aa8ebd91672a5c18f5a44deeb43d0665080c4. Any ideas?

1 Answer

2
votes

Answered this question after banging my head against this for a while. I had an after_create callback on my user model that was updating an attribute on the user, and that was causing Devise to internally regenerate the confirmation_token after the confirmation_instructions email was sent out; therefore, the token in the email was no longer current or valid.
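
The failure described above can be reproduced with a small stand-alone model. This is an added example, not code from the original post or from Devise. It assumes the stored value is an HMAC-SHA256 digest of the emailed token, which matches the 64-hex-character column value and the digest-based lookup in the log. The key material and the names `DemoUser`, `token_digest` and `confirms?` are constructed for illustration.

```ruby
require "openssl"
require "securerandom"

# Constructed demo key. Devise derives its HMAC key from the application secret;
# the secret, salt and iteration count here are assumptions for this model.
KEY = OpenSSL::PKCS5.pbkdf2_hmac_sha1("constructed-demo-secret",
                                      "Devise confirmation_token", 1000, 64)

# Digest form of a raw token: this is what lives in users.confirmation_token.
def token_digest(raw)
  OpenSSL::HMAC.hexdigest("SHA256", KEY, raw.to_s)
end

# Hypothetical stand-in for a Confirmable user record.
class DemoUser
  attr_reader :confirmation_token, :mailed_tokens

  def initialize
    @mailed_tokens = []
  end

  # New raw token: store only its digest, return the raw value for the mailer.
  def regenerate_token
    raw = SecureRandom.urlsafe_base64(15)
    @confirmation_token = token_digest(raw)
    raw
  end

  def send_confirmation_instructions
    @mailed_tokens << regenerate_token
  end
end

# Mirrors the logged lookup: WHERE confirmation_token = digest(param).
def confirms?(user, raw_param)
  user.confirmation_token == token_digest(raw_param)
end

# Signup where nothing touches the token after the mail goes out.
def clean_signup
  user = DemoUser.new
  user.send_confirmation_instructions
  confirms?(user, user.mailed_tokens.last)
end

# Signup where a later callback causes a second token to be generated.
def signup_with_late_regeneration
  user = DemoUser.new
  user.send_confirmation_instructions
  user.regenerate_token # constructed stand-in for the after_create side effect
  confirms?(user, user.mailed_tokens.last)
end
```

In a real app the equivalent check is to digest the token from the emailed link and compare it with the stored column; if they differ, something regenerated the token after the mail was built.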