Devise send_reset_password_instructions not working

I am adding a function to my controller, the only purpose is to run the forgot password procedure through an API request.

Here is the method reset_password

-

  def reset_password
    @user = User.find_by_email(params[:email])
    @user.send_reset_password_instructions
    respond_to do |format|
      format.xml  { render :xml => user_api_ressource(@user, :xml)}
      format.json  { render :json => user_api_ressource(@user, :json)}
    end
  end

      

I receive mail using the reset password link, it opens a page where I can set a new password, but when I submit the form, it says the token is invalid.

I am using sendgrid to send email. I think this is not a token truncation issue.

I am running rails app on Heroku cedar with latest development release.

Any idea?

+3


source to share


1 answer


I faced the same problem. In my case, it was because it user

was unscoped

. It looks like the user was not found in this case.

It is in the sources /lib/devise/models/authenticatable.rb on line 113

      recoverable = find_or_initialize_with_error_by(:reset_password_token, reset_password_token)

      



which do not search unscoped

.

I'll fork out the repo, let me know if you're interested too.

+1


source







All Articles