Module: Devise

Defined in:
lib/devise.rb,
lib/devise/rails.rb,
lib/devise/models.rb,
lib/devise/mapping.rb,
lib/devise/version.rb,
lib/devise/omniauth.rb,
lib/devise/delegator.rb,
lib/devise/failure_app.rb,
lib/devise/param_filter.rb,
lib/devise/test_helpers.rb,
lib/devise/time_inflector.rb,
lib/devise/mailers/helpers.rb,
lib/devise/strategies/base.rb,
lib/devise/omniauth/config.rb,
lib/devise/models/lockable.rb,
lib/devise/models/trackable.rb,
lib/devise/models/validatable.rb,
lib/devise/models/recoverable.rb,
lib/devise/models/confirmable.rb,
lib/devise/models/timeoutable.rb,
lib/devise/controllers/helpers.rb,
lib/devise/parameter_sanitizer.rb,
lib/devise/models/registerable.rb,
lib/devise/models/rememberable.rb,
lib/devise/models/omniauthable.rb,
lib/devise/omniauth/url_helpers.rb,
lib/devise/models/authenticatable.rb,
lib/generators/devise/orm_helpers.rb,
lib/devise/controllers/url_helpers.rb,
lib/devise/strategies/rememberable.rb,
lib/devise/controllers/rememberable.rb,
lib/devise/controllers/scoped_views.rb,
lib/devise/strategies/authenticatable.rb,
lib/generators/devise/views_generator.rb,
lib/generators/devise/devise_generator.rb,
lib/devise/models/token_authenticatable.rb,
lib/generators/devise/install_generator.rb,
lib/devise/models/database_authenticatable.rb,
lib/devise/strategies/token_authenticatable.rb,
lib/devise/strategies/database_authenticatable.rb

Defined Under Namespace

Modules: Controllers, Generators, Mailers, Models, OmniAuth, Strategies, TestHelpers Classes: BaseSanitizer, ConfirmationsController, Delegator, Engine, FailureApp, Getter, Mailer, Mapping, OmniauthCallbacksController, ParamFilter, ParameterSanitizer, PasswordsController, RegistrationsController, SessionsController, TimeInflector, UnlocksController

Constant Summary

ALL =

Constants which holds devise configuration for extensions. Those should not be modified by the “end user” (this is why they are constants).

[]
CONTROLLERS = 
ActiveSupport::OrderedHash.new
ROUTES = 
ActiveSupport::OrderedHash.new
STRATEGIES = 
ActiveSupport::OrderedHash.new
URL_HELPERS = 
ActiveSupport::OrderedHash.new
NO_INPUT =

Strategies that do not require user input.

[]
TRUE_VALUES =

True values used to check params

[true, 1, '1', 't', 'T', 'true', 'TRUE']
VERSION = 
"3.0.0.rc".freeze
@@rememberable_options = 
{}
@@stretches = 
10
@@http_authentication_key = 
nil
@@authentication_keys = 
[ :email ]
@@request_keys = 
[]
@@case_insensitive_keys = 
[ :email ]
@@strip_whitespace_keys = 
[]
@@http_authenticatable = 
false
@@http_authenticatable_on_xhr = 
true
@@params_authenticatable = 
true
@@http_authentication_realm = 
"Application"
@@email_regexp = 
/\A[^@\s]+@([^@\s]+\.)+[^@\s]+\z/
@@password_length = 
6..128
@@remember_for = 
2.weeks
@@extend_remember_period = 
false
@@allow_unconfirmed_access_for = 
0.days
@@confirm_within = 
nil
@@confirmation_keys = 
[ :email ]
@@reconfirmable = 
false
@@timeout_in = 
30.minutes
@@expire_auth_token_on_timeout = 
false
@@pepper = 
nil
@@scoped_views = 
false
@@lock_strategy = 
:failed_attempts
@@unlock_keys = 
[ :email ]
@@unlock_strategy = 
:both
@@maximum_attempts = 
20
@@unlock_in = 
1.hour
@@reset_password_keys = 
[ :email ]
@@reset_password_within = 
6.hours
@@default_scope = 
nil
@@mailer_sender = 
nil
@@token_authentication_key = 
:auth_token
@@skip_session_storage = 
[]
["*/*", :html]
@@sign_out_all_scopes = 
true
@@sign_out_via = 
:get
@@parent_controller = 
"ApplicationController"
@@parent_mailer = 
"ActionMailer::Base"
@@router_name = 
nil
@@omniauth_path_prefix = 
nil
@@mappings = 
ActiveSupport::OrderedHash.new
@@omniauth_configs = 
ActiveSupport::OrderedHash.new
@@helpers = 
Set.new
@@warden_config = 
nil
@@warden_config_block = 
nil
@@paranoid = 
false

Class Method Summary (collapse)

Class Method Details

+ (Object) add_mapping(resource, options)

Small method that adds a mapping to Devise.



307
308
309
310
311
312
313
 
# File 'lib/devise.rb', line 307

def self.add_mapping(resource, options)
  mapping = Devise::Mapping.new(resource, options)
  @@mappings[mapping.name] = mapping
  @@default_scope ||= mapping.name
  @@helpers.each { |h| h.define_helpers(mapping) }
  mapping
end

+ (Object) add_module(module_name, options = {})

Make Devise aware of an 3rd party Devise-module (like invitable). For convenience.

Options:

+model+      - String representing the load path to a custom *model* for this module (to autoload.)
+controller+ - Symbol representing the name of an existing or custom *controller* for this module.
+route+      - Symbol representing the named *route* helper for this module.
+strategy+   - Symbol representing if this module got a custom *strategy*.

All values, except :model, accept also a boolean and will have the same name as the given module name.

Examples:

Devise.add_module(:party_module)
Devise.add_module(:party_module, :strategy => true, :controller => :sessions)
Devise.add_module(:party_module, :model => 'party_module/model')


333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
 
# File 'lib/devise.rb', line 333

def self.add_module(module_name, options = {})
  ALL << module_name
  options.assert_valid_keys(:strategy, :model, :controller, :route, :no_input)

  if strategy = options[:strategy]
    strategy = (strategy == true ? module_name : strategy)
    STRATEGIES[module_name] = strategy
  end

  if controller = options[:controller]
    controller = (controller == true ? module_name : controller)
    CONTROLLERS[module_name] = controller
  end

  NO_INPUT << strategy if options[:no_input]

  if route = options[:route]
    case route
    when TrueClass
      key, value = module_name, []
    when Symbol
      key, value = route, []
    when Hash
      key, value = route.keys.first, route.values.flatten
    else
      raise ArgumentError, ":route should be true, a Symbol or a Hash"
    end

    URL_HELPERS[key] ||= []
    URL_HELPERS[key].concat(value)
    URL_HELPERS[key].uniq!

    ROUTES[module_name] = key
  end

  if options[:model]
    path = (options[:model] == true ? "devise/models/#{module_name}" : options[:model])
    camelized = ActiveSupport::Inflector.camelize(module_name.to_s)
    Devise::Models.send(:autoload, camelized.to_sym, path)
  end

  Devise::Mapping.add_module module_name
end

+ (Object) apply_schema=(value) 



234
235
236
 
# File 'lib/devise.rb', line 234

def self.apply_schema=(value)
  warn "\n[DEVISE] Devise.apply_schema is deprecated and has no effect. Please remove it.\n"
end

+ (Object) available_router_name 



287
288
289
 
# File 'lib/devise.rb', line 287

def self.available_router_name
  router_name || :main_app
end

+ (Object) configure_warden!

A method used internally to setup warden manager from the Rails initialize block.



422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
 
# File 'lib/devise.rb', line 422

def self.configure_warden! #:nodoc:
  @@warden_configured ||= begin
    warden_config.failure_app   = Devise::Delegator.new
    warden_config.default_scope = Devise.default_scope
    warden_config.intercept_401 = false

    Devise.mappings.each_value do |mapping|
      warden_config.scope_defaults mapping.name, :strategies => mapping.strategies

      warden_config.serialize_into_session(mapping.name) do |record|
        mapping.to.serialize_into_session(record)
      end

      warden_config.serialize_from_session(mapping.name) do |key|
        # Previous versions contained an additional entry at the beginning of
        # key with the record's class name.
        args = key[-2, 2]
        mapping.to.serialize_from_session(*args)
      end
    end

    @@warden_config_block.try :call, Devise.warden_config
    true
  end
end

+ (Object) encryptor=(value) 



226
227
228
 
# File 'lib/devise.rb', line 226

def self.encryptor=(value)
  warn "\n[DEVISE] To select a encryption which isn't bcrypt, you should use devise-encryptable gem.\n"
end

+ (Object) friendly_token

Generate a friendly string randomly to be used as token.



449
450
451
 
# File 'lib/devise.rb', line 449

def self.friendly_token
  SecureRandom.base64(15).tr('+/=lIO0', 'pqrsxyz')
end

+ (Object) include_helpers(scope)

Include helpers in the given scope to AC and AV.



403
404
405
406
407
408
409
410
411
412
 
# File 'lib/devise.rb', line 403

def self.include_helpers(scope)
  ActiveSupport.on_load(:action_controller) do
    include scope::Helpers if defined?(scope::Helpers)
    include scope::UrlHelpers
  end

  ActiveSupport.on_load(:action_view) do
    include scope::UrlHelpers
  end
end

+ (Object) mailer

Get the mailer class from the mailer reference object.



296
297
298
 
# File 'lib/devise.rb', line 296

def self.mailer
  @@mailer_ref.get
end

+ (Object) mailer=(class_name)

Set the mailer reference object to access the mailer.



301
302
303
 
# File 'lib/devise.rb', line 301

def self.mailer=(class_name)
  @@mailer_ref = ref(class_name)
end

+ (Object) omniauth(provider, *args)

Specify an omniauth provider.

config.omniauth :github, APP_ID, APP_SECRET


396
397
398
399
400
 
# File 'lib/devise.rb', line 396

def self.omniauth(provider, *args)
  @@helpers << Devise::OmniAuth::UrlHelpers
  config = Devise::OmniAuth::Config.new(provider, args)
  @@omniauth_configs[config.strategy_name.to_sym] = config
end

+ (Object) omniauth_providers 



291
292
293
 
# File 'lib/devise.rb', line 291

def self.omniauth_providers
  omniauth_configs.keys
end

+ (Object) ref(arg) 



278
279
280
281
282
283
284
285
 
# File 'lib/devise.rb', line 278

def self.ref(arg)
  if defined?(ActiveSupport::Dependencies::ClassCache)
    ActiveSupport::Dependencies::reference(arg)
    Getter.new(arg)
  else
    ActiveSupport::Dependencies.ref(arg)
  end
end

+ (Object) regenerate_helpers!

Regenerates url helpers considering Devise.mapping



415
416
417
418
 
# File 'lib/devise.rb', line 415

def self.regenerate_helpers!
  Devise::Controllers::UrlHelpers.remove_helpers!
  Devise::Controllers::UrlHelpers.generate_helpers!
end

+ (Object) secure_compare(a, b)

constant-time comparison algorithm to prevent timing attacks



454
455
456
457
458
459
460
461
 
# File 'lib/devise.rb', line 454

def self.secure_compare(a, b)
  return false if a.blank? || b.blank? || a.bytesize != b.bytesize
  l = a.unpack "C#{a.bytesize}"

  res = 0
  b.each_byte { |byte| res |= byte ^ l.shift }
  res == 0
end

+ (Object) setup {|_self| ... }

Default way to setup Devise. Run rails generate devise_install to create a fresh initializer with all configuration values.

Yields:

  • (_self)

Yield Parameters:

  • _self (Devise)

    the object that the method was called on



264
265
266
 
# File 'lib/devise.rb', line 264

def self.setup
  yield self
end

+ (Object) use_salt_as_remember_token=(value) 



230
231
232
 
# File 'lib/devise.rb', line 230

def self.use_salt_as_remember_token=(value)
  warn "\n[DEVISE] Devise.use_salt_as_remember_token is deprecated and has no effect. Please remove it.\n"
end

+ (Object) warden(&block)

Sets warden configuration using a block that will be invoked on warden initialization.

Devise.initialize do |config|
  config.allow_unconfirmed_access_for = 2.days

  config.warden do |manager|
    # Configure warden to use other strategies, like oauth.
    manager.oauth(:twitter)
  end
end


388
389
390
 
# File 'lib/devise.rb', line 388

def self.warden(&block)
  @@warden_config_block = block
end