Perhaps I'm tired and missing something obvious, but I'm seeing the strangest things trying to debug 'Reset password token is invalid' on Rails 4.1.16, Devise 3.5.10 and Ruby 2.3.8.
I'm aware of and have tried the solutions here and here. Trying to reproduce the reset password steps in console, I'm wondering if there's a more fundamental error with my app.
I can run u.send_reset_password_instructions which happily creates the reset_password_token, commits it to the DB, and sends a hashed version in the password reset email.
SQL (0.7ms) UPDATE "users" SET "reset_password_sent_at" = ?, "reset_password_token" = ?, "updated_at" = ? WHERE "users"."id" = 8 [["reset_password_sent_at", "2018-11-10 03:35:39.176325"], ["reset_password_token", "a8e9f1dd874735078fc79dbf1a72a5546edf12915eea604bc29e7da897de3c6e"], ["updated_at", "2018-11-10 03:35:39.176799"]]
So we have a reset_password_token of a8e9f1dd874735078fc79dbf1a72a5546edf12915eea604bc29e7da897de3c6e which Devise has hashed to NUY_d-cz4GsaCBJz-LPy for use in the email. All good so far.
However, if I run User.with_reset_password_token("NUY_d-cz4GsaCBJz-LPy"), the hash is correctly decoded and the DB finds... nothing:
User Load (3.3ms) SELECT "users".* FROM "users" WHERE "users"."reset_password_token" = 'a8e9f1dd874735078fc79dbf1a72a5546edf12915eea604bc29e7da897de3c6e' ORDER BY "users"."id" ASC LIMIT 1
=> nil
So then I try a manual search in the console for the exact same query: User.find_by(reset_password_token: "a8e9f1dd874735078fc79dbf1a72a5546edf12915eea604bc29e7da897de3c6e")
And I get... Nothing:
User Load (4.2ms) SELECT "users".* FROM "users" WHERE "users"."reset_password_token" = 'a8e9f1dd874735078fc79dbf1a72a5546edf12915eea604bc29e7da897de3c6e' LIMIT 1
=> nil
I am sure this is at the root of the problems I'm having with 'Reset password token is invalid', but I can't figure out why the DB search is failing on such a simple thing. Is there something obvious I should be checking?
