Devise for Ruby On Rails: Delete authentication_token after token login
25 Apr 2011
Tags: ruby on rails devise devise token authentication ruby on rails token authentication after_token_authenticationSo, I finally figured this little bit out. When you want to have a one-time use for the authentication token (such as an auto-generated login for a new user) you do the following:
In your user model, add
before_create :ensure_authentication_token
def after_token_authentication
self.authentication_token = nil
self.save
end
Then on whatever controller you are using as the destination of that first page that you want them to be able to login from, add this:
current_user.after_token_authentication
This will wipe out the token and it will not be reusable afterwards.