Devise Giving Token Is Invalid Error After Updating Devise Or Devise Invitable

I have upgraded devise in some legacy app and got tripped up by this before.

With the release of Devise 3.1.0 they changed to using hashes of the token.


# app/views/devise/mailer/reset_password_instructions.html.erb

# Change this Line
edit_password_url(@resource, reset_password_token: @resource.password_reset_token)

# To This
edit_password_url(@resource, reset_password_token: @token)

This change should be applied to the all pages in app/views/devise/mailer/ which includes confirmation, invitation, password reset, and unlock.

Also if you are upgrading from an old version of devise_invitable. Make Sure you remove the 60 character limit on the invitation token column in users.


class RemoveLimitOnInvitationToken < ActiveRecord::Migration
  def up
    change_column :users, :invitation_token, :string, limit: nil
  end

  def down
    change_column :users, :invitation_token, :string, limit: 60
  end
end

It should now have proper tokens in the email link.

Contact

604-309-8713
info@solidfoundationwebdev.com

Send Me A Message

I would love to get in touch and talk about your next project. Feel free to send a message and I will get back to you shortly.

Get Connected

Contact