Trying to reset a password, my (custom) mailer has this line:
edit_user_password_url(@user, reset_password_token: @user.reset_password_token)
And that creates a link like this:
http://fixit-rails.dev//users/password/edit.6?reset_password_token=13f76244d39b0dfb9746674058a45559280358b99c1fdc36c6b9af2de2ba6376
And within the database the user has the following reset_password_token:
13f76244d39b0dfb9746674058a45559280358b99c1fdc36c6b9af2de2ba6376
The user can successfully go to the new password screen, but when he clicks submit, an error message says "Reset password token is invalid"
Why is devise not recognising the token?
UPDATE
I create the token with the following code:
def generate_reset_password_token
raw, enc = Devise.token_generator.generate(User, :reset_password_token)
self.reset_password_token = enc
self.reset_password_sent_at = Time.now.utc
self.save(validate: false)
end
edit_user_password_url(@user, reset_password_token: @token)– Muhammad Yawar Ali