found a solution in railscasts
added to before_save remember_token and changed create_remember_token
I don't know it's right? but it works
class User < ActiveRecord::Base
attr_accessible :email, :lname, :name, :password, :password_confirmation
has_secure_password
before_save { |user| user.email = email.downcase }
before_save { create_remember_token(:remember_token) }
validates :name, presence: true, length: { maximum: 50 }
validates :lname, presence: true, length: { maximum: 50 }
VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
validates :email, presence: true, format: { with: VALID_EMAIL_REGEX },
uniqueness: { case_sensitive: false }
validates :password, presence: true, :on => :create
validates :password, length: { minimum: 6 }, :allow_blank => true
validates :password_confirmation, presence: true, :on => :create
def send_password_reset
create_remember_token(:password_reset_token)
self.password_reset_sent_at = Time.zone.now
save!
UserMailer.password_reset(self).deliver
end
def create_remember_token(column)
begin
self[column] = SecureRandom.urlsafe_base64
end while User.exists?(column => self[column])
end
end