stackoom
  简体   繁体   中英

Devise confirmation token invalid

 原文  2015-06-04 17:03:26       ruby-on-rails/ devise

Question

My problem is unrelated to the transition to Devise 3.1+, I already use the @token variable in my email view.

The problem is, the confirmation token that is sent via email is not the good one. If I try to do this on the console 

u = User.last.send_confirmation_instructions
the_token_from_the_email = xxx #a copy paste from the email
token_digest = Devise.token_generator.digest(User, :confirmation_token, the_token_from_the_email)
u.confirmation_token == token_digest
# false

It fails... Any idea what might cause this?

The token in the email looks like 3D7vDawAysHXKmM6YS-Mhb The token in the db/after digest looks like 6e8d045e084910d0cfb67b73679da12981221f52eeb984776f969f3c2d475937

EDIT :

Here's what's happening

  1. User clicks on sign_up, enter his login
  2. We check the login against a distant LDAP, if we find him, then his entry on the distant LDAP is duplicated to our LDAP if it doesn't exist already (no DB query), and we send him an email with his new password

  3. Then, an account for the user is created on the rails database if it doesn't exist already, the following commands are issued (note that a user has_many :clients and we check for client models in confirmation_required? 

     MOPED: 127.0.0.1:27017 QUERY database=intranet_rails_development collection=users selector={"confirmation_token"=>"IOciN4PmF4IPddFfDx3p2Q=="} flags=[] limit=-1 skip=0 batch_size=nil fields={:_id=>1} runtime: 0.5599ms MOPED: 127.0.0.1:27017 QUERY database=intranet_rails_development collection=users selector={"confirmation_token"=>"IOciN4PmF4IPddFfDx3p2Q=="} flags=[] limit=-1 skip=0 batch_size=nil fields={:_id=>1} runtime: 0.3061ms MOPED: 127.0.0.1:27017 COMMAND database=intranet_rails_development command={:count=>"clients", :query=>{"user_id"=>BSON::ObjectId('55744fd46a65004c95000000')}} runtime: 0.3512ms MOPED: 127.0.0.1:27017 QUERY database=intranet_rails_development collection=users selector={"$query"=>{"confirmation_token"=>"b3606f731762a75314f52467993c09fdcd99124ca6357fca6b52a694f159cd9b"}, "$orderby"=>{:_id=>1}} flags=[] limit=-1 skip=0 batch_size=nil fields=nil runtime: 0.4727ms MOPED: 127.0.0.1:27017 INSERT database=intranet_rails_development collection=users documents=[{"_id"=>BSON::ObjectId('55744fd46a65004c95000000'), "confirmation_token"=>"b3606f731762a75314f52467993c09fdcd99124ca6357fca6b52a694f159cd9b", "ldap_groups_cache"=>["Intervenants"], "last_ldap_groups_check"=>2015-06-07 14:06:12 UTC, "gender_cd"=>0, "login"=>"tarasiuk", "from_tpt_ldap"=>false, "tpt"=>false, "superadmin"=>false, "first_name"=>"Orest", "last_name"=>"Somename", "email"=>"blblabla@domain.fr", "updated_at"=>2015-06-07 14:06:12 UTC, "created_at"=>2015-06-07 14:06:12 UTC, "confirmation_sent_at"=>2015-06-07 14:06:13 UTC}] flags=[] COMMAND database=intranet_rails_development command={:getlasterror=>1, :w=>1} runtime: 0.5337ms MOPED: 127.0.0.1:27017 COMMAND database=intranet_rails_development command={:count=>"clients", :query=>{"user_id"=>BSON::ObjectId('55744fd46a65004c95000000')}} runtime: 0.3471ms Rendered devise/mailer/confirmation_instructions.html.erb (1.3ms)

  4. Then the confiration email is sent with token confirmation_token=3DHJTJ34o1XKEL-EFn8B4j"

  5. Then a final query 

     MOPED: 127.0.0.1:27017 QUERY database=intranet_rails_development collection=clients selector={"user_id"=>BSON::ObjectId('55744fd46a65004c95000000')} flags=[] limit=0 skip=0 batch_size=nil fields=nil runtime: 0.6091ms Redirected to [address] Completed 302 Found in 2522ms

  6. Then a GET with the confirmation token 

     Started GET "/users/confirmation?confirmation_token=3DHJTJ34o1XKEL-EFn8B4j" for 46.193.138.19 at 2015-06-07 16:22:53 +0200 Processing by ConfirmationsController#show as HTML Parameters: {"confirmation_token"=>"3DHJTJ34o1XKEL-EFn8B4j"} MOPED: 127.0.0.1:27017 COMMAND database=admin command={:ismaster=>1} runtime: 0.5095ms MOPED: 127.0.0.1:27017 QUERY database=intranet_rails_development collection=users selector={"$query"=>{"confirmation_token"=>"31cd2ab688b1fd94e6327856603b68873eff7031acc69137cc7d4a527360856b"}, "$orderby"=>{:_id=>1}} flags=[] limit=-1 skip=0 batch_size=nil fields=nil runtime: 0.4650ms

1 answers

solution1
 0 ACCPTED  2015-06-09 18:20:04

Ok, it turns out I actually had a default value for that confirmation token that screwed everything up

field :confirmation_token, default: SecureRandom.base64

Then after another couple errors (including a bug introduced in Devise 3.5.1), I was finally able to make it work correctly

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question devise confirmation token is invalid Devise confirmation_token is invalid Devise “Confirmation token is invalid” when user signs up Devise Confirmation invalid on first send confirmation token invalid in production Confirmation token is invalid Devise: prints confirmation token is invalid if my model has an after_create callback Regenerating confirmation token using devise rails 4 Rails w/ Devise, Confirmation token not working on production Return devise confirmation token in device 3.1
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM