CODEWITHSUNDEEP
ruby-on-railsruby-on-rails-3ruby-on-rails-3.1devise
Rubytastic
Rubytastic

Reputation: 15491

Devise column confirmed_at no longer updates after rails 3.2 + devise 2.0

After upgrading to rails 3.2 and devise 2.0 and clicking the confirmation link sent by email or copied from console in development, the confirmed_at column does not get updated. So the result is that you can't login.

What would be the approach to fix this since nothing comes up in the logs, attributes accessible has confirmed_at included,so the column should be updateable.

Upvotes: 4

Views: 1573

Answers (2)

user1027503
user1027503

Reputation:

(I moved it to a diffent answer because it deserve it I think)

{"confirmation_token"=>"PAPe74HyVmRheFbaBAaw"} User Load (0.4ms) SELECT users.* FROM users WHERE users.confirmation_token = 'PAPe74HyVmRheFbaBAaw' LIMIT 1 (0.2ms) BEGIN (0.1ms) COMMIT Completed 401 Unauthorized in 15ms

Are you using together with CanCan? That is a Cancan config issue! If you remove CanCan it will probably work :-). Nevertheless, there is a elegant solution in the CanCan Wiki for this case.

Put the following in your ApplicationController

check_authorization :unless => :devise_controller?

https://github.com/ryanb/cancan/wiki/Ensure-Authorization

Conditionally Check Authorization

As of CanCan 1.6, the check_authorization method supports :if and :unless options. Either one takes a method name as a symbol. This method will be called to determine if the authorization check will be performed. This makes it very easy to skip this check on all Devise controllers since they provide a devise_controller? method.

class ApplicationController < ActionController::Base
  check_authorization :unless => :devise_controller?  
end

Upvotes: 1

user1027503
user1027503

Reputation:

Few axes for your troubleshooting.

At first (the obvious :-) ) that you have activated confirmable in the user model

devise : :confirmable

Then, check that the following columns are defined in your database and in your model (similar if you are on Mongoid, with a different type)

## Confirmable
t.string   :confirmation_token
t.datetime :confirmed_at
t.datetime :confirmation_sent_at
# t.string   :unconfirmed_email # Only if using reconfirmable

And finally (I do not know it apply to you and making the issue) but there was a change in 2.0 regarding confirmable

Besides, a few configuration options were renamed or removed:

Devise.confirm_within was renamed to Devise.allow_unconfirmed_access_for;

What is then giving you the rails console for the new user just just crated?

Should give something like

User.last
 => #<User .... email: "[email protected]", confirmation_token: "abch76UfqHBBxHw97123", confirmed_at: nil, confirmation_sent_at: 2012-02-10 11:06:41 UTC, unconfirmed_email: nil, ....>

And the link you received (which you can also manually copy paste in the browser should be similar to (and consistent with the above confirmation token)

<p><a href="http://localhost:5000/users/confirmation?confirmation_token=abch76UfqHBBxHw97123">Confirm my account</a></p>

The user in the console should be modified accordingly

User.last
 => #<User .... email: "[email protected]", confirmation_token:nil, confirmed_at: confirmed_at: 2012-02-10 11:28:04 UTC, confirmation_sent_at: 2012-02-10 11:06:41 UTC, unconfirmed_email: nil, ....>

If when you copy the link in the browser still does not work, can you copy the last lines of the logs?

the ones around

20:36:51 web.1     | Started GET "/users/confirmation?confirmation_token=abch76UfqHBBxHw97123" for 127.0.0.1 at 2012-02-10 20:36:51 +0900
20:36:51 web.1     | [127.0.0.1] Processing by Devise::ConfirmationsController#show as HTML
20:36:51 web.1     |  [127.0.0.1]   Parameters: {"confirmation_token"=>"abch76UfqHBBxHw97123"}

Upvotes: 8

Related Questions