Hi, I wanna know if it's possible to create a new token. I saw the test file and there was a regenerate token function, can I use it like user.regenerate_token? thanks in advance

Or any number of characters for that matter?

Using this and rails console, this appears to be saving tokens directly in plain text in the database. Is there a way to have the migrations create a hashed digest column in the database instead?

I'm concerned because as I see it now we're simply matching plaintext strings.

SecureRandom uses /dev/urandom which is non blocking (fantastic!), however when the entropy pool becomes small enough it becomes possible to guess the resulting number produced.

Reading /dev/random will be a much more secure way of generating this.

The only possible downside is that /dev/random is blocking

In my model I need to have an email confirmation token and a reset password token. Having the email confirmation token generated on creation is fine, but having it generated on creation for the reset password token is not required.

Maybe it would be nice to have an option so that when set, the token is not generated on create?

I just upgraded to Rails 5.2.3 and Ruby 2.4.0 and get the following warnings when starting the server in development:

`/Users/me/.rvm/gems/ruby-2.4.0/gems/has_secure_token-1.0.0/lib/active_support/core_ext/securerandom.rb:4: warning: already initialized constant SecureRandom::BASE58_ALPHABET

/Users/me/.rvm/gems/ruby-2.4.0/gems/activesupport-5.2.3/lib/active_support/core_ext/securerandom.rb:6: warning: previous definition of BASE58_ALPHABET was here`

The warnings disappear when I remove 'has_secure_token' from my User.rb file.

I am building an app where I use to secure token as an API key, so this gem is great for generating an API key when the record is created, as well as the ability to re-generate the token.

However, if the record is merely edited, I do not want the token to be re-generated, as it currently seems to do. Would be nice to have an option to specify or exclude which actions trigger token re-generation?

Hi all!!
I was creating my own auth method/module and trying to use this gem but it didn't work for rails 7. update_attributes is deprecated.

Since this is a backport

I've yet to check what upstream is doing, but would a before_validation hook be more appropriate than a before_create hook? Currently things like validates_presence_of :token don't work.

After installing the gem and putting has_secure_token :uid into my model it says in rails console:

$ ImageSearch.all
$ NoMethodError: undefined method `has_secure_token' for #<Class:0x007fab3cc8f598>
  ........

Am I missing something?

Thanks in advance!