0

I'm trying to make an api for resetting password, I made devise handle the part when the user press on forgot password and sending him an email with a token but I tried to change it in the other part I needed to look up user using that token when he reset his password but Devise reset_password_token of the user (in the DB) is not like the token sent in the email, I only receive token, password, password_confirmation to make that API work, So I need to find that user using token sent in the email(User.where(reset_password_token: TOKEN)), Is there a way to convert token in the email to the one I have in the DB.

Amr Adel
  • 574
  • 1
  • 7
  • 18

1 Answers1

3

You have to check the reset_password_by_token class method which contains the logic. But you can use it directly:

User.reset_password_by_token({
  reset_password_token: token,
  password: password,
  password_confirmation: password_confirmation
})

Link to current master code here

apneadiving
  • 114,565
  • 26
  • 219
  • 213
  • 1
    Thanks dude, I swear I've read it twice but I didn't focus properly, Thank you very much. – Amr Adel Feb 20 '18 at 13:33
  • 1
    glad it helped ;) – apneadiving Feb 20 '18 at 13:36
  • Actually if you want to find the User without reset his password you can use `User.with_reset_password_token(token)` (https://github.com/heartcombo/devise/blob/032c4476aeaf8eacd96331e37ba758cbae0f6248/lib/devise/models/recoverable.rb#L125) – Hernan Acosta Jan 26 '23 at 18:50