Remove use of devise token_authenticable

Our production servers don't show any use of this feature. The associated column is nil for all users. The gem has not been updated in seven years and it's blocking an important upgrade of devise.
2026-03-20 04:59:16 +00:00 · 2026-03-18 16:18:40 +11:00
parent c5aaecf76a
commit 2998432744
2 changed files with 1 additions and 6 deletions
--- a/app/models/spree/user.rb
+++ b/app/models/spree/user.rb
@@ -8,7 +8,7 @@ module Spree

    searchable_attributes :email

-    devise :database_authenticatable, :token_authenticatable, :registerable, :recoverable,
+    devise :database_authenticatable, :registerable, :recoverable,
           :rememberable, :trackable, :validatable, :omniauthable,
           :encryptable, :confirmable,
           encryptor: 'authlogic_sha512', reconfirmable: true,
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -138,11 +138,6 @@ Devise.setup do |config|
  config.case_insensitive_keys = [:email]
 end

-Devise::TokenAuthenticatable.setup do |config|
-  # Defines name of the authentication token params key
-  config.token_authentication_key = :auth_token
-end
-
 if ENV["OPENID_APP_ID"].present? && ENV["OPENID_APP_SECRET"].present?
  Devise.setup do |config|
    site = if Rails.env.development?