Module Devise::Models::Lockable
In: lib/devise/models/lockable.rb

Handles blocking a user access after a certain number of attempts. Lockable accepts two different strategies to unlock a user after it‘s blocked: email and time. The former will send an email to the user when the lock happens, containing a link to unlock its account. The second will unlock the user automatically after some configured time (ie 2.hours). It‘s also possible to setup lockable to use both email and time strategies.

Options

Lockable adds the following options to devise:

  * +maximum_attempts+: how many attempts should be accepted before blocking the user.
  * +lock_strategy+: lock the user account by :failed_attempts or :none.
  * +unlock_strategy+: unlock the user account by :time, :email, :both or :none.
  * +unlock_in+: the time you want to lock the user after to lock happens. Only available when unlock_strategy is :time or :both.
  * +unlock_keys+: the keys you want to use when locking and unlocking an account

Methods

Classes and Modules

Module Devise::Models::Lockable::ClassMethods

Public Instance methods

Verifies whether a user is locked or not.

Overwrites active_for_authentication? from Devise::Models::Activatable for locking purposes by verifying whether a user is active to sign in or not based on locked?

Overwrites invalid_message from Devise::Models::Authenticatable to define the correct reason for blocking the sign in.

Lock a user setting its locked_at to actual time.

Resend the unlock instructions if the user is locked.

Send unlock instructions by email

Unlock a user by cleaning locket_at and failed_attempts.

Overwrites valid_for_authentication? from Devise::Models::Authenticatable for verifying whether a user is allowed to sign in or not. If the user is locked, it should never be allowed.

Protected Instance methods

Generates unlock token

Checks whether the record is locked or not, yielding to the block if it‘s locked, otherwise adds an error to email.

Tells if the lock is expired if :time unlock strategy is active

[Validate]