# Terminal
rails g model user email password_digest
bundle update rails

# Gemfile
gem "rails", github: "rails/rails", branch: "main"
gem "bcrypt", "~> 3.1.7"

# models/user.rb
class User < ApplicationRecord
  has_secure_password

  generates_token_for :password_reset, expires_in: 15.minutes do
    BCrypt::Password.new(password_digest).salt[-10..]
  end
end

# Rails Console
User.create(email: "john.smith@example.com", password: "123456")
User.first.password_digest

user = User.first
token = user.generate_token_for(:password_reset)
user2 = User.find_by_token_for(:password_reset, token)

user2.update!(password: "newpassword")
user2 = User.find_by_token_for(:password_reset, token)
user2 = User.find_by_token_for!(:password_reset, token)