[英]devise token auth find user with password reset token
I'm using devise token auth and I'm setting up password reset process. 我正在使用devise令牌身份验证,并且正在设置密码重置过程。 When I click the reset link in the email, it has the url parameter reset_password_token=hK3yxC1zVZCbWL8WgqKM
but when in the rails console I do 当我单击电子邮件中的重置链接时,它具有url参数reset_password_token=hK3yxC1zVZCbWL8WgqKM
但是在Rails控制台中时,
2.5.1 :004 > User.first.reset_password_token
User Load (0.6ms) SELECT "users".* FROM "users" ORDER BY "users"."id" ASC LIMIT $1 [["LIMIT", 1]]
=> "ab432079e4e8aacfa0ecb5df17a7cea169990b0e0809ea9553248064220471a7"
These tokens do not match but they should. 这些令牌不匹配,但它们应该匹配。 Is it encoded somehow and if so how can I find a user which has a token? 是否以某种方式编码,如果可以,我如何找到具有令牌的用户?
What is stored in the database, is the Digest::SHA256
. 存储在数据库中的是Digest::SHA256
。
token = "hK3yxC1zVZCbWL8WgqKM"
Digest::SHA256.hexdigest token
#⇒ "ae74625ac2357c8f2de0f3f52647aaee191dbba5d383f8ec5822cfec5c24384e"
One obviously cannot revert it back to token, one can only hexdigest
the token that came from the user and compare it against what is stored in the database. 一个人显然不能将其还原为令牌,只能hexdigest
来自用户的令牌并将其与数据库中存储的令牌进行比较。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.