Module: Devise

Defined in:
lib/devise.rb,
lib/devise/models.rb,
lib/devise/schema.rb,
lib/devise/mapping.rb,
lib/devise/version.rb,
lib/devise/failure_app.rb,
lib/devise/test_helpers.rb,
lib/devise/encryptors/base.rb,
lib/devise/encryptors/sha1.rb,
lib/devise/models/lockable.rb,
lib/devise/orm/data_mapper.rb,
lib/devise/strategies/base.rb,
lib/devise/models/trackable.rb,
lib/devise/orm/mongo_mapper.rb,
lib/devise/encryptors/bcrypt.rb,
lib/devise/encryptors/sha512.rb,
lib/devise/orm/active_record.rb,
lib/devise/models/activatable.rb,
lib/devise/models/confirmable.rb,
lib/devise/models/recoverable.rb,
lib/devise/models/timeoutable.rb,
lib/devise/models/validatable.rb,
lib/devise/controllers/helpers.rb,
lib/devise/models/registerable.rb,
lib/devise/models/rememberable.rb,
lib/devise/controllers/url_helpers.rb,
lib/devise/strategies/rememberable.rb,
lib/devise/encryptors/clearance_sha1.rb,
lib/devise/encryptors/authlogic_sha512.rb,
lib/devise/models/http_authenticatable.rb,
lib/devise/controllers/internal_helpers.rb,
lib/devise/models/token_authenticatable.rb,
lib/devise/models/database_authenticatable.rb,
lib/devise/strategies/http_authenticatable.rb,
lib/devise/strategies/token_authenticatable.rb,
lib/devise/strategies/database_authenticatable.rb,
lib/devise/encryptors/restful_authentication_sha1.rb

Defined Under Namespace

Modules: Controllers, Encryptors, Models, Orm, Schema, Strategies, TestHelpers Classes: CookieSanitizer, FailureApp, Mapping

Constant Summary collapse

ALL =
[]
CONTROLLERS =

Maps controller names to devise modules.

{
  :sessions => [:database_authenticatable, :token_authenticatable],
  :passwords => [:recoverable],
  :confirmations => [:confirmable],
  :registrations => [:registerable],
  :unlocks => [:lockable]
}
ROUTES =

Routes for generating url helpers.

[:session, :password, :confirmation, :registration, :unlock]
STRATEGIES =
[:rememberable, :http_authenticatable, :token_authenticatable, :database_authenticatable]
TRUE_VALUES =
[true, 1, '1', 't', 'T', 'true', 'TRUE']
FLASH_MESSAGES =

Maps the messages types that are used in flash message.

[:unauthenticated, :unconfirmed, :invalid, :invalid_token, :timeout, :inactive, :locked]
ENCRYPTORS_LENGTH =

Declare encryptors length which are used in migrations.

{
  :sha1   => 40,
  :sha512 => 128,
  :clearance_sha1 => 40,
  :restful_authentication_sha1 => 40,
  :authlogic_sha512 => 128,
  :bcrypt => 60
}
EMAIL_REGEX =

Email regex used to validate email formats. Adapted from authlogic.

/^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
VERSION =
"1.0.11".freeze
@@pepper =
nil
@@stretches =
10
@@authentication_keys =
[ :email ]
@@remember_for =
2.weeks
@@confirm_within =
0.days
@@timeout_in =
30.minutes
@@encryptor =
:sha1
@@mappings =
ActiveSupport::OrderedHash.new
@@orm =
:active_record
@@all =
[]
@@apply_schema =
true
@@scoped_views =
false
@@maximum_attempts =
20
@@unlock_strategy =
:both
@@unlock_in =
1.hour
@@use_default_scope =
false
@@default_scope =
nil
@@mailer_sender =
nil
@@mailer_content_type =
'text/html'
@@token_authentication_key =
:auth_token
@@http_authentication_realm =
"Application"

Class Method Summary collapse

Class Method Details

.add_module(module_name, options = {}) ⇒ Object

Make Devise aware of an 3rd party Devise-module. For convenience.

Options:

+strategy+    - Boolean value representing if this module got a custom *strategy*.
                Default is +false+. Note: Devise will auto-detect this in such case if this is true.
+model+       - String representing a load path to a custom *model* for this module (to autoload).
                Default is +nil+ (i.e. +false+).
+controller+  - Symbol representing a name of an exisiting or custom *controller* for this module.
                Default is +nil+ (i.e. +false+).
+route+       - Symbol representing the name of a *route* related to this module which a set of
                route view helpers should be created for.
                Default is +nil+ (i.e. +false+).

Examples:

Devise.add_module(:party_module)
Devise.add_module(:party_module, :strategy => true, :controller => :sessions)
Devise.add_module(:party_module, :model => 'party_module/model')


244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
# File 'lib/devise.rb', line 244

def add_module(module_name, options = {})
  Devise::ALL << module_name        unless Devise::ALL.include?(module_name)
  Devise::STRATEGIES.unshift module_name if options[:strategy] && !Devise::STRATEGIES.include?(module_name)

  if options[:controller]
    controller = options[:controller].to_sym
    Devise::CONTROLLERS[controller] ||= []
    Devise::CONTROLLERS[controller].unshift module_name unless Devise::CONTROLLERS[controller].include?(module_name)
  end

  if options[:route]
    Devise::ROUTES.unshift options[:route] unless Devise::ROUTES.include?(options[:route])
  end

  if options[:model]
    Devise::Models.module_eval do
      autoload :"#{module_name.to_s.classify}", options[:model]
    end
  end

  Devise::Mapping.register module_name
end

.configure_warden(config) ⇒ Object

A method used internally to setup warden manager from the Rails initialize block.



193
194
195
196
197
198
199
200
201
# File 'lib/devise.rb', line 193

def configure_warden(config) #:nodoc:
  config.default_strategies *Devise::STRATEGIES
  config.failure_app = Devise::FailureApp
  config.silence_missing_strategies!
  config.default_scope = Devise.default_scope

  # If the user provided a warden hook, call it now.
  @warden_config.try :call, config
end

.default_url_options(&block) ⇒ Object

Configure default url options to be used within Devise and ActionController.



185
186
187
188
189
# File 'lib/devise.rb', line 185

def default_url_options(&block)
  who = Devise::Mapping.respond_to?(:singleton_class) ?
    Devise::Mapping.singleton_class : Devise::Mapping.metaclass
  who.send :define_method, :default_url_options, &block
end

.friendly_tokenObject

Generate a friendly string randomically to be used as token.



209
210
211
# File 'lib/devise.rb', line 209

def friendly_token
  ActiveSupport::SecureRandom.base64(15).tr('+/=', '-_ ').strip.delete("\n")
end

.orm_classObject

The class of the configured ORM



204
205
206
# File 'lib/devise.rb', line 204

def orm_class
  Devise::Orm.const_get(@@orm.to_s.camelize.to_sym)
end

.secure_compare(a, b) ⇒ Object

constant-time comparison algorithm to prevent timing attacks



214
215
216
217
218
219
220
221
222
# File 'lib/devise.rb', line 214

def secure_compare(a, b)
  return false unless a.present? && b.present?
  return false unless a.bytesize == b.bytesize
  l = a.unpack "C#{a.bytesize}"

  res = 0
  b.each_byte { |byte| res |= byte ^ l.shift }
  res == 0
end

.setup {|_self| ... } ⇒ Object

Default way to setup Devise. Run script/generate devise_install to create a fresh initializer with all configuration values.

Yields:

  • (_self)

Yield Parameters:

  • _self (Devise)

    the object that the method was called on



165
166
167
# File 'lib/devise.rb', line 165

def setup
  yield self
end

.warden(&block) ⇒ Object

Sets warden configuration using a block that will be invoked on warden initialization.

Devise.initialize do |config|
  config.confirm_within = 2.days

  config.warden do |manager|
    # Configure warden to use other strategies, like oauth.
    manager.oauth(:twitter)
  end
end


180
181
182
# File 'lib/devise.rb', line 180

def warden(&block)
  @warden_config = block
end