Module: Devise::Models::Authenticatable::ClassMethods

Defined in:
lib/devise/models/authenticatable.rb

Instance Method Summary collapse

Instance Method Details

#devise_parameter_filterObject (protected)


303
304
305
# File 'lib/devise/models/authenticatable.rb', line 303

def devise_parameter_filter
  @devise_parameter_filter ||= Devise::ParameterFilter.new(case_insensitive_keys, strip_whitespace_keys)
end

#find_first_by_auth_conditions(tainted_conditions, opts = {}) ⇒ Object


274
275
276
# File 'lib/devise/models/authenticatable.rb', line 274

def find_first_by_auth_conditions(tainted_conditions, opts={})
  to_adapter.find_first(devise_parameter_filter.filter(tainted_conditions).merge(opts))
end

#find_for_authentication(tainted_conditions) ⇒ Object

Find first record based on conditions given (ie by the sign in form). This method is always called during an authentication process but it may be wrapped as well. For instance, database authenticatable provides a `find_for_database_authentication` that wraps a call to this method. This allows you to customize both database authenticatable or the whole authenticate stack by customize `find_for_authentication.`

Overwrite to add customized conditions, create a join, or maybe use a namedscope to filter records while authenticating. Example:

def self.find_for_authentication(tainted_conditions)
  find_first_by_auth_conditions(tainted_conditions, active: true)
end

Finally, notice that Devise also queries for users in other scenarios besides authentication, for example when retrieving a user to send an e-mail for password reset. In such cases, find_for_authentication is not called.


270
271
272
# File 'lib/devise/models/authenticatable.rb', line 270

def find_for_authentication(tainted_conditions)
  find_first_by_auth_conditions(tainted_conditions)
end

#find_or_initialize_with_error_by(attribute, value, error = :invalid) ⇒ Object

Find or initialize a record setting an error if it can't be found.


279
280
281
# File 'lib/devise/models/authenticatable.rb', line 279

def find_or_initialize_with_error_by(attribute, value, error=:invalid) #:nodoc:
  find_or_initialize_with_errors([attribute], { attribute => value }, error)
end

#find_or_initialize_with_errors(required_attributes, attributes, error = :invalid) ⇒ Object

Find or initialize a record with group of attributes based on a list of required attributes.


284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
# File 'lib/devise/models/authenticatable.rb', line 284

def find_or_initialize_with_errors(required_attributes, attributes, error=:invalid) #:nodoc:
  attributes.try(:permit!)
  attributes = attributes.to_h.with_indifferent_access
                         .slice(*required_attributes)
                         .delete_if { |key, value| value.blank? }

  if attributes.size == required_attributes.size
    record = find_first_by_auth_conditions(attributes) and return record
  end

  new(devise_parameter_filter.filter(attributes)).tap do |record|
    required_attributes.each do |key|
      record.errors.add(key, attributes[key].blank? ? :blank : error)
    end
  end
end

#http_authenticatable?(strategy) ⇒ Boolean

Returns:

  • (Boolean)

246
247
248
249
# File 'lib/devise/models/authenticatable.rb', line 246

def http_authenticatable?(strategy)
  http_authenticatable.is_a?(Array) ?
    http_authenticatable.include?(strategy) : http_authenticatable
end

#params_authenticatable?(strategy) ⇒ Boolean

Returns:

  • (Boolean)

241
242
243
244
# File 'lib/devise/models/authenticatable.rb', line 241

def params_authenticatable?(strategy)
  params_authenticatable.is_a?(Array) ?
    params_authenticatable.include?(strategy) : params_authenticatable
end

#serialize_from_session(key, salt) ⇒ Object


236
237
238
239
# File 'lib/devise/models/authenticatable.rb', line 236

def serialize_from_session(key, salt)
  record = to_adapter.get(key)
  record if record && record.authenticatable_salt == salt
end

#serialize_into_session(record) ⇒ Object


232
233
234
# File 'lib/devise/models/authenticatable.rb', line 232

def serialize_into_session(record)
  [record.to_key, record.authenticatable_salt]
end