Devise for Ruby On Rails: Delete authentication_token after token login

25 Apr 2011

Tags: ruby on rails devise devise token authentication ruby on rails token authentication after_token_authentication

So, I finally figured this little bit out. When you want to have a one-time use for the authentication token (such as an auto-generated login for a new user) you do the following:

In your user model, add

before_create :ensure_authentication_token

def after_token_authentication

  self.authentication_token = nil

  self.save

end

Then on whatever controller you are using as the destination of that first page that you want them to be able to login from, add this:

current_user.after_token_authentication

This will wipe out the token and it will not be reusable afterwards.

Keith Posehn

Devise for Ruby On Rails: Delete authentication_token after token login

Related Posts

Rails CMS in 2 days...Sorta 18 Dec 2010

A Note With Heroku Stacks & Rails 3 + CSV 17 Dec 2010

Heroku Rake/Cron - No Namespace 19 Nov 2010