From 42c9777de3c1a51b68e2d81b7b762e91a98b0455 Mon Sep 17 00:00:00 2001
From: Doug Toppin <dougtoppin@gmail.com>
Date: Tue, 25 Feb 2014 22:14:32 -0500
Subject: [PATCH] using base64 caused an occasional token string to contain '+'
 which resulted in a space being embedded in the token.  'hex' should always
 produce a url safe string for the token.

---
 lib/models/user.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/models/user.js b/lib/models/user.js
index 652051ea..639d383d 100644
--- a/lib/models/user.js
+++ b/lib/models/user.js
@@ -281,7 +281,8 @@ User.prototype.verify = function (options, fn) {
     if(err) {
       fn(err);
     } else {
-      user.verificationToken = buf.toString('base64');
+      // base64 may not produce a url safe string so we are using hex
+      user.verificationToken = buf.toString('hex');
       user.save(function (err) {
         if(err) {
           fn(err);