How to create a link that automatically logs the user in on devise / rails?

Question

I'm trying to make signed up users to take some actions on my website, so I want to send them, by e-mail, a link directly to this action.

The problem is that I want them to be automatically logged in when clicking on this link.

I can do something obvious as creating an unique token and pass it through the url mysite.com/my_funky_action?login_bypass_token=af123fa127ba32 but this seems to me as a problem "solved many times before"

So, there is a simple way out there to do this using rails / devise? I've searched on devise documentation without success.

Answer 1

Using as basis the code from devise's recoverable, I did this

model:

class User < ActiveRecord::Base
    def set_login_bypass_token
        raw, enc = Devise.token_generator.generate(User, :login_bypass_token)
        self.login_bypass_token = enc
        self.login_bypass_token_set_at = Time.now.utc
        self.save(validate: false)
        raw
     end

     def self.by_bypass_token(token)
         original_token = Devise.token_generator.digest(self, :login_bypass_token, token)
         User.find_by(:login_bypass_token => original_token)
     end
end

mailer:

class SomeMailer < ActionMailer::Base
    def send_something
        ...
        @login_bypass_token = @user.set_login_bypass_token
        ...
    end
end

application_controller:

class ApplicationController < ActionController::Base
    layout :application_layout

    protect_from_forgery with: :exception
    before_action :bypass_login
    before_action :authenticate_user!

    private
        def bypass_login
            if params[:login_bypass_token]
                user = User.by_bypass_token(params[:login_bypass_token])
                sign_in(user, :bypass => true) if user
                redirect_to request.path
            end
        end
end

email template (in haml)

= link_to 'View this awesome page without login!', awesomeness_url(login_bypass_token: @login_bypass_token)