You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Env Info - Rails 4.0.2
Devise - 3.2.2
ORM- Mongoid
To reset password the reset password mailer which is sent with the reset password token has the same token that is there in the database.
In the following commit -143794d In recoverable.rb method - reset_password_by_token,
Before: (this directly uses the token passed in attributes
recoverable = find_or_initialize_with_error_by(:reset_password_token, attributes[:reset_password_token])
After:(reset password token is calculated using the original token from db and then recoverable always initializes an empty record with error Reset Password token is invalid as then token is not the one that is in the database)
reset_password_token = Devise.token_generator.digest(self, :reset_password_token, original_token)
recoverable = find_or_initialize_with_error_by(:reset_password_token, reset_password_token)
I changed the gem to use the token passed and not the one calculated and i do not face the error anymore. Am I missing something here ?
The text was updated successfully, but these errors were encountered:
@josevalim - Can you give me a link to the release notes. I looked through the commit and wiki but could not figure out the change I will have to make to make the existing code run. Thanks.
Hi,
Env Info - Rails 4.0.2
Devise - 3.2.2
ORM- Mongoid
To reset password the reset password mailer which is sent with the reset password token has the same token that is there in the database.
In the following commit -143794d In recoverable.rb method - reset_password_by_token,
Before: (this directly uses the token passed in attributes
recoverable = find_or_initialize_with_error_by(:reset_password_token, attributes[:reset_password_token])
After:(reset password token is calculated using the original token from db and then recoverable always initializes an empty record with error Reset Password token is invalid as then token is not the one that is in the database)
reset_password_token = Devise.token_generator.digest(self, :reset_password_token, original_token)
recoverable = find_or_initialize_with_error_by(:reset_password_token, reset_password_token)
I changed the gem to use the token passed and not the one calculated and i do not face the error anymore. Am I missing something here ?
The text was updated successfully, but these errors were encountered: