Module: Devise

Defined in:

lib/devise.rb,
lib/devise/rails.rb,
lib/devise/models.rb,
lib/devise/schema.rb,
lib/devise/mapping.rb,
lib/devise/version.rb,
lib/devise/omniauth.rb,
lib/devise/failure_app.rb,
lib/devise/orm/mongoid.rb,
lib/devise/path_checker.rb,
lib/devise/test_helpers.rb,
lib/devise/encryptors/base.rb,
lib/devise/encryptors/sha1.rb,
lib/devise/models/lockable.rb,
lib/devise/omniauth/config.rb,
lib/devise/strategies/base.rb,
lib/devise/models/trackable.rb,
lib/devise/encryptors/sha512.rb,
lib/devise/orm/active_record.rb,
lib/devise/models/confirmable.rb,
lib/devise/models/encryptable.rb,
lib/devise/models/recoverable.rb,
lib/devise/models/timeoutable.rb,
lib/devise/models/validatable.rb,
lib/devise/controllers/helpers.rb,
lib/devise/models/omniauthable.rb,
lib/devise/models/registerable.rb,
lib/devise/models/rememberable.rb,
lib/devise/omniauth/url_helpers.rb,
lib/devise/models/authenticatable.rb,
lib/generators/devise/orm_helpers.rb,
lib/devise/controllers/url_helpers.rb,
lib/devise/strategies/rememberable.rb,
lib/devise/controllers/rememberable.rb,
lib/devise/controllers/scoped_views.rb,
lib/devise/encryptors/clearance_sha1.rb,
lib/devise/controllers/shared_helpers.rb,
lib/devise/strategies/authenticatable.rb,
lib/generators/devise/views_generator.rb,
lib/devise/encryptors/authlogic_sha512.rb,
lib/generators/devise/devise_generator.rb,
lib/devise/controllers/internal_helpers.rb,
lib/devise/models/token_authenticatable.rb,
lib/generators/devise/install_generator.rb,
lib/devise/models/database_authenticatable.rb,
lib/devise/strategies/token_authenticatable.rb,
lib/devise/strategies/database_authenticatable.rb,
lib/devise/encryptors/restful_authentication_sha1.rb

Defined Under Namespace

Modules: Controllers, Encryptors, Generators, Models, OmniAuth, Orm, Schema, Strategies, TestHelpers Classes: ConfirmationsController, Engine, FailureApp, IndifferentHash, Mailer, Mapping, OmniauthCallbacksController, PasswordsController, PathChecker, RegistrationsController, SessionsController, UnlocksController

Constant Summary

ALL =

Constants which holds devise configuration for extensions. Those should not be modified by the “end user” (this is why they are constants).

[]

CONTROLLERS =

ActiveSupport::OrderedHash.new

ROUTES =

ActiveSupport::OrderedHash.new

STRATEGIES =

ActiveSupport::OrderedHash.new

URL_HELPERS =

ActiveSupport::OrderedHash.new

TRUE_VALUES =

True values used to check params

[true, 1, '1', 't', 'T', 'true', 'TRUE']

ENCRYPTORS_LENGTH =

Declare encryptors length which are used in migrations.

{
  :sha1   => 40,
  :sha512 => 128,
  :clearance_sha1 => 40,
  :restful_authentication_sha1 => 40,
  :authlogic_sha512 => 128
}

VERSION =

"1.3.4".freeze

@@cookie_options =

{}

@@stretches =

10

@@authentication_keys =

[ :email ]

@@request_keys =

[]

@@case_insensitive_keys =

false

@@http_authenticatable =

false

@@http_authenticatable_on_xhr =

true

@@params_authenticatable =

true

@@http_authentication_realm =

"Application"

@@email_regexp =

/\A([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})\z/i

@@password_length =

6..128

@@remember_for =

2.weeks

@@remember_across_browsers =

true

@@extend_remember_period =

false

@@use_salt_as_remember_token =

false

@@confirm_within =

0.days

@@confirmation_keys =

[ :email ]

@@timeout_in =

30.minutes

@@pepper =

nil

@@encryptor =

nil

@@apply_schema =

true

@@scoped_views =

false

@@lock_strategy =

:failed_attempts

@@unlock_keys =

[ :email ]

@@unlock_strategy =

:both

@@maximum_attempts =

20

@@unlock_in =

1.hour

@@reset_password_keys =

[ :email ]

@@reset_password_within =

nil

@@default_scope =

nil

@@mailer_sender =

nil

@@token_authentication_key =

:auth_token

@@stateless_token =

false

@@navigational_formats =

[:"*/*", "*/*", :html]

@@sign_out_all_scopes =

true

@@sign_out_via =

:get

@@mappings =

ActiveSupport::OrderedHash.new

@@omniauth_configs =

ActiveSupport::OrderedHash.new

@@helpers =

Set.new

@@warden_config =

nil

@@warden_config_block =

nil

Class Method Summary

• .add_mapping(resource, options) ⇒ Object

  Small method that adds a mapping to Devise.

• .add_module(module_name, options = {}) ⇒ Object

  Make Devise aware of an 3rd party Devise-module (like invitable).

• .configure_warden! ⇒ Object

  A method used internally to setup warden manager from the Rails initialize block.

• .friendly_token ⇒ Object

  Generate a friendly string randomically to be used as token.

• .include_helpers(scope) ⇒ Object

  Include helpers in the given scope to AC and AV.

• .mailer ⇒ Object

  Get the mailer class from the mailer reference object.

• .mailer=(class_name) ⇒ Object

  Set the mailer reference object to access the mailer.

• .omniauth(provider, *args) ⇒ Object

  Specify an omniauth provider.

• .omniauth_providers ⇒ Object
• .rack_session? ⇒ Boolean

  Returns true if Rails version is bigger than 3.0.x.

• .ref(arg) ⇒ Object
• .secure_compare(a, b) ⇒ Object

  constant-time comparison algorithm to prevent timing attacks.

• .setup {|_self| ... } ⇒ Object

  Default way to setup Devise.

• .warden(&block) ⇒ Object

  Sets warden configuration using a block that will be invoked on warden initialization.

Class Method Details

.add_mapping(resource, options) ⇒ Object

Small method that adds a mapping to Devise.

# File 'lib/devise.rb', line 262

def self.add_mapping(resource, options)
  mapping = Devise::Mapping.new(resource, options)
  @@mappings[mapping.name] = mapping
  @@default_scope ||= mapping.name
  @@helpers.each { |h| h.define_helpers(mapping) }
  mapping
end

.add_module(module_name, options = {}) ⇒ Object

Make Devise aware of an 3rd party Devise-module (like invitable). For convenience.

Options:

+model+      - String representing the load path to a custom *model* for this module (to autoload.)
+controller+ - Symbol representing the name of an exisiting or custom *controller* for this module.
+route+      - Symbol representing the named *route* helper for this module.
+strategy+   - Symbol representing if this module got a custom *strategy*.

All values, except :model, accept also a boolean and will have the same name as the given module name.

Examples:

Devise.add_module(:party_module)
Devise.add_module(:party_module, :strategy => true, :controller => :sessions)
Devise.add_module(:party_module, :model => 'party_module/model')

# File 'lib/devise.rb', line 288

def self.add_module(module_name, options = {})
  ALL << module_name
  options.assert_valid_keys(:strategy, :model, :controller, :route)

  if strategy = options[:strategy]
    STRATEGIES[module_name] = (strategy == true ? module_name : strategy)
  end

  if controller = options[:controller]
    CONTROLLERS[module_name] = (controller == true ? module_name : controller)
  end

  if route = options[:route]
    case route
    when TrueClass
      key, value = module_name, []
    when Symbol
      key, value = route, []
    when Hash
      key, value = route.keys.first, route.values.flatten
    else
      raise ArgumentError, ":route should be true, a Symbol or a Hash"
    end

    URL_HELPERS[key] ||= []
    URL_HELPERS[key].concat(value)
    URL_HELPERS[key].uniq!

    ROUTES[module_name] = key
  end

  if options[:model]
    path = (options[:model] == true ? "devise/models/#{module_name}" : options[:model])
    camelized = ActiveSupport::Inflector.camelize(module_name.to_s)
    Devise::Models.send(:autoload, camelized.to_sym, path)
  end

  Devise::Mapping.add_module module_name
end

.configure_warden! ⇒ Object

A method used internally to setup warden manager from the Rails initialize block.

# File 'lib/devise.rb', line 371

def self.configure_warden! #:nodoc:
  @@warden_configured ||= begin
    warden_config.failure_app   = Devise::FailureApp
    warden_config.default_scope = Devise.default_scope
    warden_config.intercept_401 = false

    Devise.mappings.each_value do |mapping|
      warden_config.scope_defaults mapping.name, :strategies => mapping.strategies
    end

    @@warden_config_block.try :call, Devise.warden_config
    true
  end
end

.friendly_token ⇒ Object

Generate a friendly string randomically to be used as token.

# File 'lib/devise.rb', line 387

def self.friendly_token
  ActiveSupport::SecureRandom.base64(15).tr('+/=', 'xyz')
end

.include_helpers(scope) ⇒ Object

Include helpers in the given scope to AC and AV.

# File 'lib/devise.rb', line 353

def self.include_helpers(scope)
  ActiveSupport.on_load(:action_controller) do
    include scope::Helpers if defined?(scope::Helpers)
    include scope::UrlHelpers
  end

  ActiveSupport.on_load(:action_view) do
    include scope::UrlHelpers
  end
end

.mailer ⇒ Object

Get the mailer class from the mailer reference object.

# File 'lib/devise.rb', line 247

def self.mailer
  if defined?(ActiveSupport::Dependencies::ClassCache)
    @@mailer_ref.get "Devise::Mailer"
  else
    @@mailer_ref.get
  end
end

.mailer=(class_name) ⇒ Object

Set the mailer reference object to access the mailer.

# File 'lib/devise.rb', line 256

def self.mailer=(class_name)
  @@mailer_ref = ref(class_name)
end

.omniauth(provider, *args) ⇒ Object

Specify an omniauth provider.

config.omniauth :github, APP_ID, APP_SECRET

# File 'lib/devise.rb', line 347

def self.omniauth(provider, *args)
  @@helpers << Devise::OmniAuth::UrlHelpers
  @@omniauth_configs[provider] = Devise::OmniAuth::Config.new(provider, args)
end

.omniauth_providers ⇒ Object

# File 'lib/devise.rb', line 242

def self.omniauth_providers
  omniauth_configs.keys
end

.rack_session? ⇒ Boolean

Returns true if Rails version is bigger than 3.0.x

Returns:

• (Boolean)

# File 'lib/devise.rb', line 365

def self.rack_session?
  Rails::VERSION::STRING[0,3] != "3.0"
end

.ref(arg) ⇒ Object

# File 'lib/devise.rb', line 234

def self.ref(arg)
  if defined?(ActiveSupport::Dependencies::ClassCache)
    ActiveSupport::Dependencies::Reference.store(arg)
  else
    ActiveSupport::Dependencies.ref(arg)
  end
end

.secure_compare(a, b) ⇒ Object

constant-time comparison algorithm to prevent timing attacks

# File 'lib/devise.rb', line 392

def self.secure_compare(a, b)
  return false if a.blank? || b.blank? || a.bytesize != b.bytesize
  l = a.unpack "C#{a.bytesize}"

  res = 0
  b.each_byte { |byte| res |= byte ^ l.shift }
  res == 0
end

.setup {|_self| ... } ⇒ Object

Default way to setup Devise. Run rails generate devise_install to create a fresh initializer with all configuration values.

Yields:

• (_self)

Yield Parameters:

• _self (Devise) —

  the object that the method was called on

# File 'lib/devise.rb', line 230

def self.setup
  yield self
end

.warden(&block) ⇒ Object

Sets warden configuration using a block that will be invoked on warden initialization.

Devise.initialize do |config|
  config.confirm_within = 2.days

  config.warden do |manager|
    # Configure warden to use other strategies, like oauth.
    manager.oauth(:twitter)
  end
end

# File 'lib/devise.rb', line 339

def self.warden(&block)
  @@warden_config_block = block
end