Home/ Questions/Q 804617
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-14T23:56:53+00:00

I think I’m just missing something obvious. I send a user a perishable token

  • 0

I think I’m just missing something obvious. I send a user a perishable token embedded in a link. They click on it, and they come back to the site. I want to log them in automatically — authenticated by their perishable token, not the password. (I’m not building a banking app).

This seems like this should be simple, but all the examples I’ve found require a password. How do I skip this completely? When I try to get UserSession.create to work, it reports a validation error and will not create the user session. What is the way around this?

@user = User.find_by_perishable_token(params[:token])
if @user
  if !current_user
    # skip sign-in
    UserSession.create!(@user.email)
     # => error "You did not provide any details for authentication."
  ...

I have googled extensively but haven’t found the answer.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Doesn’t UserSession.create take a user object as it’s first argument? If so, couldn’t you just do:

    UserSession.create(User.find_by_perishable_token(params[:token]))
@current_user_session = UserSession.find

    Or is that where you’re running into problems?

    • 0