lib/devise/strategies/token_authenticatable.rb in devise-1.1.rc0 vs lib/devise/strategies/token_authenticatable.rb in devise-1.1.rc1

@@ -9,10 +9,13 @@
     #
     # For HTTP, you can pass the token as username. Since some clients may require a password,
     # you can pass anything and it will simply be ignored.
     class TokenAuthenticatable < Authenticatable
       def authenticate!
-        if resource = mapping.to.authenticate_with_token(authentication_hash)
+        resource = mapping.to.find_for_token_authentication(authentication_hash)
+
+        if validate(resource)
+          resource.after_token_authentication
           success!(resource)
         else
           fail(:invalid_token)
         end
       end