Method: Devise::Models::Authenticatable#serializable_hash

Defined in:
lib/devise/models/authenticatable.rb

#serializable_hash(options = nil) ⇒ Object

Redefine serializable_hash in models for more secure defaults. By default, it removes from the serializable model all attributes that are not accessible. You can remove this default by using :force_except and passing a new list of attributes you want to exempt. All attributes given to :except will simply add names to exempt to Devise internal list.



105
106
107
108
109
110
111
112
113
114
115
116
 
# File 'lib/devise/models/authenticatable.rb', line 105

def serializable_hash(options = nil)
  options = options.try(:dup) || {}
  options[:except] = Array(options[:except]).dup

  if options[:force_except]
    options[:except].concat Array(options[:force_except])
  else
    options[:except].concat UNSAFE_ATTRIBUTES_FOR_SERIALIZATION
  end

  super(options)
end