Devise for Ruby On Rails: Delete authentication_token after token login
25 Apr 2011Tags: ruby on rails devise devise token authentication ruby on rails token authentication after_token_authentication
So, I finally figured this little bit out. When you want to have a one-time use for the authentication token (such as an auto-generated login for a new user) you do the following:
In your user model, add
before_create :ensure_authentication_token def after_token_authentication self.authentication_token = nil self.save end
Then on whatever controller you are using as the destination of that first page that you want them to be able to login from, add this:
This will wipe out the token and it will not be reusable afterwards.