I tried the solutions already suggested on stackoverflow, but with no success. Here's the situation. I'm building a Rails app using Devise for authentication. In development, I was able to get the confirmation via email link to work just fine. I signed up, an email was sent, and I clicked the link which redirected me to the app, and I, the user, was confirmed. However, in production on the Heroku platform, this method of User sign up confirmation fails. Specifically, I get the message
"1 error prohibited this user from being saved.
Confirmation token invalid"
In the Heroku log when I get "Confirmation token invaled", I noticed that the confirmation token that is generated when the User is created (ee438ce80d3cc139df595771f8e058cc2eb7a91b33429d30c1ae6e4b3b00721f) is different from the confirmation token in the "Confirm my account" link sent by Devise: http://bloccit.herokuapp.com/users/confirmation?confirmation_token=GvdY2xffANGxEndv8Nc_
I tried the replace the tokens with each other, (replacing GvdY2xffANGxEndv8Nc_ with ee438ce80d3cc139df595771f8e058cc2eb7a91b33429d30c1ae6e4b3b00721f in the URL, and also "ee438ce80d3cc139df595771f8e058cc2eb7a91b33429d30c1ae6e4b3b00721f" with "GvdY2xffANGxEndv8Nc_" in the Production Database) still no luck!
Then, I was made aware of some modifications people made in the devise/mailer/confirmation_instructions.html.erb view. I experimented and changed the file
from
<p>Welcome <%= @email %>!</p>
<p>You can confirm your account email through the link below:</p>
<p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>
to
<p>Welcome <%= @email %>!</p>
<p>You can confirm your account email through the link below:</p>
<p><%= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @resource.confirmation_token) %></p>
Also, I read Devise documentation stating that Confirmation registration is no longer advisable. But, the documentation continues, if you want to use it, include the following setting in the devise.rb file:
config.allow_insecure_sign_in_after_confirmation = true
I followed the instructions and made the changes to the view I mentioned. Then committed to git, and re-deployed to Heroku. I found that this generated the same confirmation tokens in the User object instance AND in the "Confirm my account". Look at the Heroku log:
2015-04-17T03:53:40.460157+00:00 app[web.1]: User Load (1.1ms) SELECT "users".* FROM "users" WHERE "users"."confirmation_token" = $1 ORDER BY "users"."id" ASC LIMIT 1 [["confirmation_token", "aa160f928b848bb06d9c5a681dafdc00333904d9e012dd95b1b344d9c7aff20c"]]
... 2015-04-17T03:53:40.905542+00:00 app[web.1]:You can confirm your account email through the link below:
2015-04-17T03:53:40.905533+00:00 app[web.1]: Content-Type: text/html;
2015-04-17T03:53:40.905544+00:00 app[web.1]:
2015-04-17T03:53:40.905545+00:00 app[web.1]:
<a href="http://bloccit.herokuapp.com/users/confirmation?confirmation_token=aa160f928b848bb06d9c5a681dafdc00333904d9e012dd95b1b344d9c7aff20c">Confirm my account</a></p>
However, I got the same error I noted above "Confirmation token invalid."
I've been working on this for over two evenings. I also don't understand why no error in development, but error in production arghhh!
Viral
