Rails Devise: set reset password and redirect user

Question

Rails Devise: set reset password and redirect user

In my application for a specific use case, I create a new user (programmatically set a password) and send them a confirmation email.

I would like them to be able to change their password immediately after confirmation (without having to enter the generated system that I do not want to send)

In essence, I would like 1) The system creates a new user account with a password generated.
2) The system sends a confirmation email.
3) Confirmation of user clicks and redirected to password (effectively send them to the URL below).

<a href="http://localhost:3000/users/password/edit?reset_password_token=v5Q3oQGbsyqAUUxyqLtb">Change my password</a>

Any help / pointers would be great.

+42

ruby-on-rails login-control devise

patrick-davey May 05 '11 at 7:36 a.m.

source share

4 answers

In Rails 4.1, the following modification of the Anatortoise House answer is valid:

 user = User.new user.password = SecureRandom.hex #some random unguessable string raw_token, hashed_token = Devise.token_generator.generate(User, :reset_password_token) user.reset_password_token = hashed_token user.reset_password_sent_at = Time.now.utc user.email = 'user@usercompany.com' user.save! # Use a mailer you've written, such as: AccountMailer.set_password_notice(user, raw_token).deliver

Email has this link:

 www.oursite.com/users/password/edit?initial=true&reset_password_token=<%= @raw_token %>

+28

ClaytonC Aug 22 '14 at 21:31

source share

You may call

 user.send(:set_reset_password_token)

It may be unstable as it is a protected method, but it may work for your case. Just cover it with dough.

(tested on Devise v. 3.4)

+2

Sergii Mostovyi Jun 04 '15 at 6:16

source share

Here is my snippet for previewing the email program

 class Devise::MailerPreview < ActionMailer::Preview def reset_password_instructions user = User.last token = user.send(:set_reset_password_token) Devise::Mailer.reset_password_instructions(user, token) end end

+2

woto Sep 06 '15 at 1:58

source share

Anatortoise House · Accepted Answer · 2011-05-11 21:30

An easy way to have only one step for users to confirm an email address and set an initial password using the link you offer ...

Send one message that your application generates, including reset_password_token, and consider that the user owns this token, confirming the validity of this email address.

In the system code for generating accounts, provided that the user model is configured using: recoverable and: database_authenticatable. Development Modules ...

 acct = User.new acct.password = User.reset_password_token #won't actually be used... acct.reset_password_token = User.reset_password_token acct.email = "user@usercompany.com" #assuming users will identify themselves with this field #set other acct fields you may need acct.save

Making reset password settings a little more understandable for users when setting the initial password.

view / testament / passwords / edit.html.erb

 ... <%= "true" == params[:initial] ? "Set your password" : "Reset your password" %> ...

Email Generated

 Hi <%= @user.name %> An account has been generated for you. Please visit www.oursite.com/users/password/edit?initial=true&reset_password_token=<%= @user.reset_password_token %> to set your password.

No need to include: a confirmed development module in the user model, since the accounts created by your application will not be available without the reset_password_token password in the letter.

Devise will process the submission and clear the reset_password_token field.

For more information on reset_password_token methods and friends, see devise_gem_folder/lib/devise/models/recoverable.rb and database_authenticatable.rb .

If you want to use the Devise :confirmable module rather than this approach, see the quiz page .

Rails Devise: set reset password and redirect user

view / testament / passwords / edit.html.erb

Email Generated

More articles: