Why doesn't my second validation email work?

Question

The first validation email gets sent when @user updates their email attribute and always ends up with a working activation link. User checks their email, clicks the link, and the account is validated.

def update
  @user = User.find(params[:id])
    ...
    elsif !params[:user][:email].blank?
      if @user.authenticate(params[:user][:current_password])
        @user.update_attributes(email_user_params)
        if @user.save
           @user.create_activation_digest
           @user.deactivated
           @user.send_activation_email
           log_out
           flash[:info] = "Please check email dude"
           redirect_to root_url
        else
   ...

However, when @user requests a second validation email:

class EmailResetsController < ApplicationController
    def new
    end

    def create
      @user = User.find_by(email: params[:email_reset][:email].downcase)
      if @user && !@user.activated?
        @user.send_activation_email
        flash[:info] = "Email sent with instructions"
        redirect_to root_url
      else
       flash.now[:danger] = "Email address not found"
       render 'new'
      end
    end
end

the email gets sent out correctly, however the link always returns invalid.

user.rb

#sends out email
def send_activation_email
    UserMailer.account_activation(self).deliver_now
end

def create_activation_digest
  self.activation_token  = User.new_token
  self.activation_digest = User.digest(activation_token)
end

def User.digest(string)
  cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST :
                                              BCrypt::Engine.cost
  BCrypt::Password.create(string, cost: cost)
end    

 # Returns a random token.
def User.new_token
    SecureRandom.urlsafe_base64
end

def authenticated?(attribute, token)
    digest = send("#{attribute}_digest")
    return false if digest.nil?
    BCrypt::Password.new(digest).is_password?(token)
end

#the mailer view
account_activation.html.erb
  <%= link_to "Activate", edit_account_activation_url(@user.activation_token,
                                                email: @user.email) %>

class UserMailer < ApplicationMailer
  default from: "noreply@example.com"

  def account_activation(user)
    @user = user
    mail to: user.email, subject: "Account activation"
  end
end

class AccountActivationsController < ApplicationController

  def edit
    user = User.find_by(email: params[:email])
    if user && !user.activated? && user.authenticated?(:activation, params[:id])
      user.activate
      log_in user
      flash[:success] = "Account activated!"
      redirect_to user
    else
      flash[:danger] = "Invalid activation link"
      redirect_to root_url
    end
  end
end


:activation_token and :activation_digest are both columns in user.rb

Answer 1

Ok, I solved this. The problem is that EmailResetsController was finding user by :email and not :id.