By default, Devise sends all emails synchronously with deliver_now.
To change that, Devise's readme suggests overwriting the send_devise_notification method like this:
class User
def send_devise_notification(notification, *args)
devise_mailer.send(notification, self, *args).deliver_later
end
end
However, there is one problem: When deliver_later enqueues the mail with ActiveJob, the job arguments are logged. In case of a password reset, this includes the password reset token, which should not be logged.
ActiveJob's logs can be disabled per job, so you can do this:
class ApplicationMailDeliveryJob < ActionMailer::MailDeliveryJob
self.log_arguments = false
end
class ApplicationMailer # (or any other mailer that the devise mailer inherits from, see devise configuration)
self.delivery_job = ApplicationMailDeliveryJob
end
With this configuration, you can send asynchronous mail without logging sensitive parameters and everyone is happy :)
Posted by Niklas Hasselmeyer to makandra dev (2023-09-28 10:50)