Handles blocking a user’s access after a certain number of attempts. Lockable accepts two different strategies to unlock a user after it’s blocked: email and time. The former will send an email to the user when the lock happens, containing a link to unlock their account. The second will unlock the user automatically after some configured time (i.e. 2.hours). It’s also possible to set up lockable to use both email and time strategies.
Options

Lockable adds the following options to devise:
* +maximum_attempts+: how many attempts should be accepted before blocking the user.
* +lock_strategy+: lock the user account by :failed_attempts or :none.
* +unlock_strategy+: unlock the user account by :time, :email, :both or :none.
* +unlock_in+: the time you want to unlock the user after lock happens. Only available when unlock_strategy is :time or :both.
* +unlock_keys+: the keys you want to use when locking and unlocking an account
Defined Under Namespace
Modules: ClassMethods
Class Method Summary

Instance Method Summary

Verifies whether a user is locked or not.
Overwrites active_for_authentication? from Devise::Models::Activatable for locking purposes by verifying whether a user is active to sign in or not based on locked?.
Overwrites invalid_message from Devise::Models::Authenticatable to define the correct reason for blocking the sign in.
Lock a user by setting its locked_at to the current time.
Resend the unlock instructions if the user is locked.
Resets failed attempts counter to 0.
Send unlock instructions by email.
Unlock a user by cleaning locked_at and failed_attempts.
Overwrites valid_for_authentication? from Devise::Models::Authenticatable for verifying whether a user is allowed to sign in or not.
Class Method Details

.required_fields(klass)

    # File 'lib/devise/models/lockable.rb', line 29

    def self.required_fields(klass)
      attributes = []
      attributes << :failed_attempts if klass.lock_strategy_enabled?(:failed_attempts)
      attributes << :locked_at if klass.unlock_strategy_enabled?(:time)
      attributes << :unlock_token if klass.unlock_strategy_enabled?(:email)

      attributes
    end

Instance Method Details

#access_locked? ⇒ Boolean
Verifies whether a user is locked or not.

    # File 'lib/devise/models/lockable.rb', line 69

    def access_locked?
      !!locked_at && !lock_expired?
    end

#active_for_authentication? ⇒ Boolean
Overwrites active_for_authentication? from Devise::Models::Activatable for locking purposes by verifying whether a user is active to sign in or not based on locked?

    # File 'lib/devise/models/lockable.rb', line 89

    def active_for_authentication?
      super && !access_locked?
    end

#inactive_message ⇒ Object
Overwrites invalid_message from Devise::Models::Authenticatable to define the correct reason for blocking the sign in.

    # File 'lib/devise/models/lockable.rb', line 95

    def inactive_message
      access_locked? ? :locked : super
    end

#increment_failed_attempts ⇒ Object

    # File 'lib/devise/models/lockable.rb', line 122

    def increment_failed_attempts
      self.class.increment_counter(:failed_attempts, id)
      reload
    end

#lock_access!(opts = { }) ⇒ Object
Lock a user by setting its locked_at to the current time.

opts: Hash of options. If you don’t want to send an email when you lock access, you can pass the hash `{ send_instructions: false }` as an option.

    # File 'lib/devise/models/lockable.rb', line 42

    def lock_access!(opts = { })
      self.locked_at = Time.now.utc

      if unlock_strategy_enabled?(:email) && opts.fetch(:send_instructions, true)
        send_unlock_instructions
      else
        save(validate: false)
      end
    end

#resend_unlock_instructions ⇒ Object
Resend the unlock instructions if the user is locked.

    # File 'lib/devise/models/lockable.rb', line 83

    def resend_unlock_instructions
      if_access_locked { send_unlock_instructions }
    end

#reset_failed_attempts! ⇒ Object
Resets failed attempts counter to 0.

    # File 'lib/devise/models/lockable.rb', line 61

    def reset_failed_attempts!
      if respond_to?(:failed_attempts) && !failed_attempts.to_i.zero?
        self.failed_attempts = 0
        save(validate: false)
      end
    end

#send_unlock_instructions ⇒ Object
Send unlock instructions by email.

    # File 'lib/devise/models/lockable.rb', line 74

    def send_unlock_instructions
      raw, enc = Devise.token_generator.generate(self.class, :unlock_token)
      self.unlock_token = enc
      save(validate: false)
      send_devise_notification(:unlock_instructions, raw, {})
      raw
    end

#unauthenticated_message ⇒ Object

    # File 'lib/devise/models/lockable.rb', line 127

    def unauthenticated_message
      # In paranoid mode the generic message is returned, so the response
      # does not reveal whether the account is locked.
      if Devise.paranoid
        super
      elsif access_locked? || (lock_strategy_enabled?(:failed_attempts) && attempts_exceeded?)
        :locked
      elsif lock_strategy_enabled?(:failed_attempts) && last_attempt? && self.class.last_attempt_warning
        :last_attempt
      else
        super
      end
    end

#unlock_access! ⇒ Object
Unlock a user by cleaning locked_at and failed_attempts.

    # File 'lib/devise/models/lockable.rb', line 53

    def unlock_access!
      self.locked_at = nil
      self.failed_attempts = 0 if respond_to?(:failed_attempts=)
      self.unlock_token = nil if respond_to?(:unlock_token=)
      save(validate: false)
    end

#valid_for_authentication? ⇒ Boolean
Overwrites valid_for_authentication? from Devise::Models::Authenticatable for verifying whether a user is allowed to sign in or not. If the user is locked, it should never be allowed.

    # File 'lib/devise/models/lockable.rb', line 102

    def valid_for_authentication?
      return super unless persisted? && lock_strategy_enabled?(:failed_attempts)

      # An expired lock is cleared first, whether or not the credentials are valid.
      unlock_access! if lock_expired?

      if super && !access_locked?
        true
      else
        # Failed tries are counted even while the account is already locked.
        increment_failed_attempts
        if attempts_exceeded?
          lock_access! unless access_locked?
        else
          save(validate: false)
        end
        false
      end
    end
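
The lock and unlock cycle that valid_for_authentication? drives, as an added example that is not part of Devise or of this page: a plain-Ruby model with an injected clock, for lock_strategy :failed_attempts and unlock_strategy :time. LockableModel, simulate_lockout, the credentials_ok argument (standing in for super) and the bodies of lock_expired? and attempts_exceeded? are assumptions, since the page does not show those two helpers.

```ruby
# Plain-Ruby model of the Lockable sign-in flow (constructed; no Devise or Rails).
class LockableModel
  attr_reader :failed_attempts, :locked_at

  def initialize(maximum_attempts:, unlock_in:, clock:)
    # maximum_attempts and unlock_in (seconds) mirror the options; clock returns a Time
    @maximum_attempts, @unlock_in, @clock = maximum_attempts, unlock_in, clock
    @failed_attempts = 0
    @locked_at = nil
  end

  def access_locked?
    !!locked_at && !lock_expired?
  end

  # Same branch order as valid_for_authentication? above.
  def valid_for_authentication?(credentials_ok)
    unlock_access! if lock_expired?
    return true if credentials_ok && !access_locked?

    @failed_attempts += 1 # tries made while locked are counted too
    @locked_at = @clock.call if attempts_exceeded? && !access_locked?
    false
  end

  def unlock_access!
    @locked_at = nil
    @failed_attempts = 0
  end

  private

  def lock_expired? # assumed: the lock ends once unlock_in seconds have passed
    !locked_at.nil? && locked_at < @clock.call - @unlock_in
  end

  def attempts_exceeded? # assumed: the counter reached the configured maximum
    failed_attempts >= @maximum_attempts
  end
end

# Constructed scenario: 3 attempts allowed, 1-hour lock, clock advanced by hand.
def simulate_lockout
  now = Time.utc(2024, 1, 1, 12, 0, 0)
  user = LockableModel.new(maximum_attempts: 3, unlock_in: 3600, clock: -> { now })
  log = Array.new(3) { user.valid_for_authentication?(false) } # third failure locks
  log << user.access_locked?
  log << user.valid_for_authentication?(true) # correct credentials, still refused
  now += 3601 # unlock_in has elapsed
  log << user.valid_for_authentication?(true)
  log << user.failed_attempts
end
```

The fifth entry of the returned log is the case to watch in testing: correct credentials are refused while the lock is active, and that attempt still raises failed_attempts.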