Module: Devise::Models::Authenticatable

Extended by:
ActiveSupport::Concern
Includes:
Serializable
Defined in:
lib/devise/models/authenticatable.rb

Overview

Authenticatable module. Holds common settings for authentication.

Options

Authenticatable adds the following options to devise_for:

* +authentication_keys+: parameters used for authentication. By default [:email].

* +request_keys+: parameters from the request object used for authentication.
  By specifying a symbol (which should be a request method), it will automatically be
  passed to find_for_authentication method and considered in your model lookup.

  For instance, if you set :request_keys to [:subdomain], :subdomain will be considered
  as key on authentication. This can also be a hash where the value is a boolean expliciting
  if the value is required or not.

* +http_authenticatable+: if this model allows http authentication. By default true.
  It also accepts an array specifying the strategies that should allow http.

* +params_authenticatable+: if this model allows authentication through request params. By default true.
  It also accepts an array specifying the strategies that should allow params authentication.

active_for_authentication?

After authenticating a user and in each request, Devise checks if your model is active by calling model.active_for_authentication?. This method is overwriten by other devise modules. For instance, :confirmable overwrites .active_for_authentication? to only return true if your model was confirmed.

You overwrite this method yourself, but if you do, don’t forget to call super:

def active_for_authentication?
  super && special_condition_is_valid?
end

Whenever active_for_authentication? returns false, Devise asks the reason why your model is inactive using the inactive_message method. You can overwrite it as well:

def inactive_message
  special_condition_is_valid? ? super : :special_condition_is_not_valid
end

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary collapse

Instance Method Details

#active_for_authentication?Boolean

Returns:

  • (Boolean)


70
71
72
# File 'lib/devise/models/authenticatable.rb', line 70

def active_for_authentication?
  true
end

#authenticatable_saltObject



78
79
# File 'lib/devise/models/authenticatable.rb', line 78

def authenticatable_salt
end

#devise_mailerObject



81
82
83
# File 'lib/devise/models/authenticatable.rb', line 81

def devise_mailer
  Devise.mailer
end

#downcase_keysObject



89
90
91
# File 'lib/devise/models/authenticatable.rb', line 89

def downcase_keys
  (self.class.case_insensitive_keys || []).each { |k| self[k].try(:downcase!) }
end

#headers_for(name) ⇒ Object



85
86
87
# File 'lib/devise/models/authenticatable.rb', line 85

def headers_for(name)
  {}
end

#inactive_messageObject



74
75
76
# File 'lib/devise/models/authenticatable.rb', line 74

def inactive_message
  :inactive
end

#strip_whitespaceObject



93
94
95
# File 'lib/devise/models/authenticatable.rb', line 93

def strip_whitespace
  (self.class.strip_whitespace_keys || []).each { |k| self[k].try(:strip!) }
end

#valid_for_authentication?Boolean

Check if the current object is valid for authentication. This method and find_for_authentication are the methods used in a Warden::Strategy to check if a model should be signed in or not.

However, you should not overwrite this method, you should overwrite active_for_authentication? and inactive_message instead.

Returns:

  • (Boolean)


66
67
68
# File 'lib/devise/models/authenticatable.rb', line 66

def valid_for_authentication?
  block_given? ? yield : true
end