Steps to reproduce (I’m pretty sure)
- deactivate a user (e.g.,
User.where("active = true and admin != true").update_all(active: false))
- have the user try to log in or otherwise get a validation token created
- activate the user with things like
Even though the user record shows “true” in the active field, they couldn’t log in. I tried a whole bunch of ways to activate a user (e.g., i called
user.save) and nothing kept the user from getting the “We sent an activation email, you need to follow those instructions” link when trying to log in until I finally found the email token and did
and then the user could log in.
The lesson is probably don’t deactivate a user unless you really mean it.