ruby on rails 4 - devise - send_reset_password_ins

2019-07-11 08:03发布

问题:

I am using ruby on rails version '4.2.4' and devise 4.0.0

gem 'rails', '4.2.4'
devise (4.0.0)
  bcrypt (~> 3.0)
  orm_adapter (~> 0.1)
  railties (>= 4.1.0, < 5.1)
  responders
  warden (~> 1.2.3)

Taking over some code made from someone, they have implemented reset password but didnt quite work. I am trying to solve it.

from the console, I tried to use this:

> u = User.first
> u.send_reset_password_instructions

this is console output:

[15] pry(main)> u.send_reset_password_instructions

Devise::Mailer#reset_password_instructions: processed outbound mail in 37.9ms

    Sent mail to testme@gmail.com (6024.6ms)
    Date: Sun, 20 May 2018 12:13:23 +0800
    From: "My Support" <support@my.org>
    Reply-To: "Harta.Org Support" <support@my.org>
    To: testme@gmail.com
    Message-ID: <5b00f5e3e4f8f_9da3ff91bc336ac799e0@Macbook.local.mail>
    Subject: Reset password instructions
    Mime-Version: 1.0
    Content-Type: text/html;
     charset=UTF-8
    Content-Transfer-Encoding: 7bit

    <p>Hello testme@gmail.com!</p>

    <p>Someone has requested a link to change your password. You can do this through the link below.</p>

    <p><a href="http://localhost:3000/users/password/edit?reset_password_token=qpkCBYwZzmqprudst1oq">Change my password</a></p>

    <p>If you didn't request this, please ignore this email.</p>
    <p>Your password won't change until you access the link above and create a new one.</p>

    => "qpkCBYwZzmqprudst1oq"

the email is received, however navigating to the page (http://localhost:3000/users/password/edit?reset_password_token=qpkCBYwZzmqprudst1oq) and inserting the new password has this error

1 error prohibited this user from being saved:
Reset password token is invalid

I checked there is some token generated in the User record:

 reset_password_token: "23837a8b05a8249ac4edf5e3e6b6e8f922277ef409e693cd802bc1707b0838b7",
 reset_password_sent_at: Sun, 20 May 2018 04:13:23 UTC +00:00,

this matches the debug output below:

Started PUT "/users/password" for ::1 at 2018-05-20 12:52:04 +0800
Processing by Devise::PasswordsController#update as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"NtKJ86mslX4tQ7arV+FcO+5dU4BCvD1A0GRzs9YwqG1h+vsdbEh9FXW+VQLJMnNsTXuJ0VMmC+f9v8/uW56CMQ==", "user"=>{"reset_password_token"=>"[FILTERED]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}}
localhost
Set current domain
{"reset_password_token":"23837a8b05a8249ac4edf5e3e6b6e8f922277ef409e693cd802bc1707b0838b7"}
  Rendered users/shared/_links.html.erb (0.3ms)
  Rendered users/passwords/edit.html.erb within layouts/application (9.5ms)
  Rendered layouts/_navigation.html.slim (2.0ms)
  Rendered layouts/_messages.html.slim (0.1ms)
Completed 200 OK in 243ms (Views: 199.9ms | ActiveRecord: 0.0ms)

What is the problem, how to debug (like how do i know if the token is correct) and solve this ?

I manage to override Devise::PasswordsController to change the password devise in controller/users/password_controller. However, I want to debug this now, recoverable.rb ? How can I override recoverable.rb ? I want to see how it works in this method:

 def reset_password_by_token(attributes={})