I am using ruby on rails version '4.2.4' and devise 4.0.0
gem 'rails', '4.2.4'
devise (4.0.0)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0, < 5.1)
responders
warden (~> 1.2.3)
Taking over some code made from someone, they have implemented reset password but didnt quite work. I am trying to solve it.
from the console, I tried to use this:
> u = User.first
> u.send_reset_password_instructions
this is console output:
[15] pry(main)> u.send_reset_password_instructions
Devise::Mailer#reset_password_instructions: processed outbound mail in 37.9ms
Sent mail to testme@gmail.com (6024.6ms)
Date: Sun, 20 May 2018 12:13:23 +0800
From: "My Support" <support@my.org>
Reply-To: "Harta.Org Support" <support@my.org>
To: testme@gmail.com
Message-ID: <5b00f5e3e4f8f_9da3ff91bc336ac799e0@Macbook.local.mail>
Subject: Reset password instructions
Mime-Version: 1.0
Content-Type: text/html;
charset=UTF-8
Content-Transfer-Encoding: 7bit
<p>Hello testme@gmail.com!</p>
<p>Someone has requested a link to change your password. You can do this through the link below.</p>
<p><a href="http://localhost:3000/users/password/edit?reset_password_token=qpkCBYwZzmqprudst1oq">Change my password</a></p>
<p>If you didn't request this, please ignore this email.</p>
<p>Your password won't change until you access the link above and create a new one.</p>
=> "qpkCBYwZzmqprudst1oq"
the email is received, however navigating to the page (http://localhost:3000/users/password/edit?reset_password_token=qpkCBYwZzmqprudst1oq) and inserting the new password has this error
1 error prohibited this user from being saved:
Reset password token is invalid
I checked there is some token generated in the User record:
reset_password_token: "23837a8b05a8249ac4edf5e3e6b6e8f922277ef409e693cd802bc1707b0838b7",
reset_password_sent_at: Sun, 20 May 2018 04:13:23 UTC +00:00,
this matches the debug output below:
Started PUT "/users/password" for ::1 at 2018-05-20 12:52:04 +0800
Processing by Devise::PasswordsController#update as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"NtKJ86mslX4tQ7arV+FcO+5dU4BCvD1A0GRzs9YwqG1h+vsdbEh9FXW+VQLJMnNsTXuJ0VMmC+f9v8/uW56CMQ==", "user"=>{"reset_password_token"=>"[FILTERED]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}}
localhost
Set current domain
{"reset_password_token":"23837a8b05a8249ac4edf5e3e6b6e8f922277ef409e693cd802bc1707b0838b7"}
Rendered users/shared/_links.html.erb (0.3ms)
Rendered users/passwords/edit.html.erb within layouts/application (9.5ms)
Rendered layouts/_navigation.html.slim (2.0ms)
Rendered layouts/_messages.html.slim (0.1ms)
Completed 200 OK in 243ms (Views: 199.9ms | ActiveRecord: 0.0ms)
What is the problem, how to debug (like how do i know if the token is correct) and solve this ?
I manage to override Devise::PasswordsController to change the password devise in controller/users/password_controller. However, I want to debug this now, recoverable.rb ? How can I override recoverable.rb ? I want to see how it works in this method:
def reset_password_by_token(attributes={})