You commented on my similar question a bit ago, and I found an answer that might help you as well.
Upgrading to Devise 3.1.0 left some ‘cruft’ in a view that I hadn’t touched in a while. According to this blog post, you need to change your Devise mailer to use @token instead of the old @resource.confirmation_token.
Find this in app/views/<user>/mailer/reset_password_instructions.html.erb and change it to something like:
<p>Hello <%= @resource.email %>!</p>
<p>Someone has requested a link to change your password, and you can do this through the link below.</p>
<p><%= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @token) %></p>
<p>If you didn't request this, please ignore this email.</p>
<p>Your password won't change until you access the link above and create a new one.</p>
This should fix any token-based confirmation problems you’re having. This is likely to fix any unlock or confirmation token problems as well.