Migrating Away from Devise Part 4: Email Confirmation Setup | t27duck

The app uses confirmable with devise to verify the account on creation including the ability to resent confirmation emails. Rails provides all the functionality needed to pull this off in a similar means as password recovery, but it'll have to be implemented manually. In regards to the User model, we are going to focus on the existing confirmed_at and confirmation_sent_at fields that already exist from the devise implementation.

Routes look like this, similar to how devise builds them. The show action is the landing point the user goes to when they click the link in their email. The new and create actions are to resent the email.

The controller follows a similar flow as the PasswordController. A different email and redirect paths are used as well as what token is pulled from. When we confirm the account, we set confirmed_at once to prevent a user from being "confirmed multiple times." Also, instead of using the provided token lookup and generation methods that has_secure_password provides for password reset tokens, we're manually setting up an "account_confirmation" token.

To generate the token for a user, generates_token_for is called on the User model. It auto expires after confirmed_at is set to a different value (ie, from nil to a date).

Leave a Comment