Devise::Revokable
A module for Devise
This gem was created by “borrowing” heavily from Devise::Invitable
It exists to extend Devise to provide the basis for what is essentially the reverse of the standard confirmable
module. Where confirmable
sends an email and awaits a response, before confirming a new registration, revokable
allows immediate access and sends an email which provides a link to “revoke” the account if it was created fraudulently.
This is useful if you want to lower the barrier to entry to creating accounts, and clearly, if account security isn’t a concern.
Note that tests are non-existent. Use freely but at your own risk.
Configuring
It works like normal Devise modules. Add the :revokable
module to the declaration.
# in user.rb
devise :revokable # plus other devise modules
If the user who received the revocation email follows the provided link and confirms revocation, the account will effectively be “revoked” and inactive, unable to log in.
Additionally, you may want to override #revoke!
to perfom additional revocation on the account, e.g. deleting posts made, resetting personal information, etc. The super method yields to a block for this purpose.
# in user.rb
def revoke!
super do
self.some_method_that_resets_me!
end
end
That’s about the extent of it. As with typical devise modules you can override the mailers and views with your own. Additionally you can define the module accessor @@mailer
on the module with a proc to handle your mail if you need to. This proc is yielded two arguments, the method name (e.g. :revocation_instructions), and the affected resource.
# in config/initializers/devise_revokable.rb
require 'devise_revokable'
require 'my_mailer'
DeviseRevokable.mailer = proc {|method_name, resource| MyMailer.send(:method_name, resource) }