Module: Devise

Defined in:
lib/devise.rb,
lib/devise/rails.rb,
lib/devise/models.rb,
lib/devise/version.rb,
lib/devise/mapping.rb,
lib/devise/omniauth.rb,
lib/devise/delegator.rb,
lib/devise/failure_app.rb,
lib/devise/hooks/proxy.rb,
lib/devise/test_helpers.rb,
lib/devise/time_inflector.rb,
lib/devise/strategies/base.rb,
lib/devise/mailers/helpers.rb,
lib/devise/omniauth/config.rb,
lib/devise/token_generator.rb,
lib/devise/models/lockable.rb,
lib/devise/models/trackable.rb,
lib/devise/parameter_filter.rb,
lib/devise/models/validatable.rb,
lib/devise/models/confirmable.rb,
lib/devise/models/recoverable.rb,
lib/devise/models/timeoutable.rb,
lib/devise/models/rememberable.rb,
lib/devise/parameter_sanitizer.rb,
lib/devise/models/registerable.rb,
lib/devise/controllers/helpers.rb,
lib/devise/models/omniauthable.rb,
lib/devise/omniauth/url_helpers.rb,
lib/generators/devise/orm_helpers.rb,
lib/devise/models/authenticatable.rb,
lib/devise/strategies/rememberable.rb,
lib/devise/controllers/sign_in_out.rb,
lib/devise/controllers/url_helpers.rb,
lib/devise/controllers/scoped_views.rb,
lib/devise/controllers/rememberable.rb,
lib/generators/devise/views_generator.rb,
lib/devise/controllers/store_location.rb,
lib/devise/strategies/authenticatable.rb,
lib/generators/devise/devise_generator.rb,
lib/generators/devise/install_generator.rb,
lib/devise/models/database_authenticatable.rb,
lib/devise/strategies/database_authenticatable.rb

Defined Under Namespace

Modules: Controllers, Generators, Hooks, Mailers, Models, OmniAuth, Strategies, TestHelpers Classes: BaseSanitizer, CachingKeyGenerator, ConfirmationsController, Delegator, Engine, FailureApp, Getter, KeyGenerator, Mailer, Mapping, OmniauthCallbacksController, ParameterFilter, ParameterSanitizer, PasswordsController, RegistrationsController, SessionsController, TimeInflector, TokenGenerator, UnlocksController

Constant Summary

ALL =

Constants which holds devise configuration for extensions. Those should not be modified by the “end user” (this is why they are constants).

[]
CONTROLLERS =
ActiveSupport::OrderedHash.new
ROUTES =
ActiveSupport::OrderedHash.new
STRATEGIES =
ActiveSupport::OrderedHash.new
URL_HELPERS =
ActiveSupport::OrderedHash.new
NO_INPUT =

Strategies that do not require user input.

[]
TRUE_VALUES =

True values used to check params

[true, 1, '1', 't', 'T', 'true', 'TRUE']
VERSION =
"3.2.4".freeze
@@secret_key =
nil
@@rememberable_options =
{}
@@stretches =
10
@@http_authentication_key =
nil
@@authentication_keys =
[ :email ]
@@request_keys =
[]
@@case_insensitive_keys =
[ :email ]
@@strip_whitespace_keys =
[]
@@http_authenticatable =
false
@@http_authenticatable_on_xhr =
true
@@params_authenticatable =
true
@@http_authentication_realm =
"Application"
@@email_regexp =
/\A[^@\s]+@([^@\s]+\.)+[^@\s]+\z/
@@password_length =
6..128
@@remember_for =
2.weeks
@@extend_remember_period =
false
@@expire_all_remember_me_on_sign_out =
true
@@allow_unconfirmed_access_for =
0.days
@@confirm_within =
nil
@@confirmation_keys =
[ :email ]
@@reconfirmable =
false
@@timeout_in =
30.minutes
@@expire_auth_token_on_timeout =
false
@@pepper =
nil
@@scoped_views =
false
@@lock_strategy =
:failed_attempts
@@unlock_keys =
[ :email ]
@@unlock_strategy =
:both
@@maximum_attempts =
20
@@unlock_in =
1.hour
@@reset_password_keys =
[ :email ]
@@reset_password_within =
6.hours
@@default_scope =
nil
@@mailer_sender =
nil
@@skip_session_storage =
[]
["*/*", :html]
@@sign_out_all_scopes =
true
@@sign_out_via =
:get
@@parent_controller =
"ApplicationController"
@@parent_mailer =
"ActionMailer::Base"
@@router_name =
nil
@@omniauth_path_prefix =
nil
@@clean_up_csrf_token_on_authentication =
true
@@mappings =
ActiveSupport::OrderedHash.new
@@omniauth_configs =
ActiveSupport::OrderedHash.new
@@helpers =
Set.new
@@warden_config =
nil
@@warden_config_blocks =
[]
@@paranoid =
false
@@last_attempt_warning =
false
@@token_generator =
nil

Class Method Summary (collapse)

Class Method Details

+ (Object) add_mapping(resource, options)

Small method that adds a mapping to Devise.



334
335
336
337
338
339
340
# File 'lib/devise.rb', line 334

def self.add_mapping(resource, options)
  mapping = Devise::Mapping.new(resource, options)
  @@mappings[mapping.name] = mapping
  @@default_scope ||= mapping.name
  @@helpers.each { |h| h.define_helpers(mapping) }
  mapping
end

+ (Object) add_module(module_name, options = {})

Make Devise aware of an 3rd party Devise-module (like invitable). For convenience.

Options:

+model+      - String representing the load path to a custom *model* for this module (to autoload.)
+controller+ - Symbol representing the name of an existing or custom *controller* for this module.
+route+      - Symbol representing the named *route* helper for this module.
+strategy+   - Symbol representing if this module got a custom *strategy*.

All values, except :model, accept also a boolean and will have the same name as the given module name.

Examples:

Devise.add_module(:party_module)
Devise.add_module(:party_module, strategy: true, controller: :sessions)
Devise.add_module(:party_module, model: 'party_module/model')


360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
# File 'lib/devise.rb', line 360

def self.add_module(module_name, options = {})
  ALL << module_name
  options.assert_valid_keys(:strategy, :model, :controller, :route, :no_input)

  if strategy = options[:strategy]
    strategy = (strategy == true ? module_name : strategy)
    STRATEGIES[module_name] = strategy
  end

  if controller = options[:controller]
    controller = (controller == true ? module_name : controller)
    CONTROLLERS[module_name] = controller
  end

  NO_INPUT << strategy if options[:no_input]

  if route = options[:route]
    case route
    when TrueClass
      key, value = module_name, []
    when Symbol
      key, value = route, []
    when Hash
      key, value = route.keys.first, route.values.flatten
    else
      raise ArgumentError, ":route should be true, a Symbol or a Hash"
    end

    URL_HELPERS[key] ||= []
    URL_HELPERS[key].concat(value)
    URL_HELPERS[key].uniq!

    ROUTES[module_name] = key
  end

  if options[:model]
    path = (options[:model] == true ? "devise/models/#{module_name}" : options[:model])
    camelized = ActiveSupport::Inflector.camelize(module_name.to_s)
    Devise::Models.send(:autoload, camelized.to_sym, path)
  end

  Devise::Mapping.add_module module_name
end

+ (Object) available_router_name



314
315
316
# File 'lib/devise.rb', line 314

def self.available_router_name
  router_name || :main_app
end

+ (Object) bcrypt(klass, password)

Digests the password using bcrypt.



6
7
8
# File 'lib/devise/models/database_authenticatable.rb', line 6

def self.bcrypt(klass, password)
  ::BCrypt::Password.create("#{password}#{klass.pepper}", cost: klass.stretches).to_s
end

+ (Object) configure_warden!

A method used internally to setup warden manager from the Rails initialize block.



449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
# File 'lib/devise.rb', line 449

def self.configure_warden! #:nodoc:
  @@warden_configured ||= begin
    warden_config.failure_app   = Devise::Delegator.new
    warden_config.default_scope = Devise.default_scope
    warden_config.intercept_401 = false

    Devise.mappings.each_value do |mapping|
      warden_config.scope_defaults mapping.name, strategies: mapping.strategies

      warden_config.serialize_into_session(mapping.name) do |record|
        mapping.to.serialize_into_session(record)
      end

      warden_config.serialize_from_session(mapping.name) do |key|
        # Previous versions contained an additional entry at the beginning of
        # key with the record's class name.
        args = key[-2, 2]
        mapping.to.serialize_from_session(*args)
      end
    end

    @@warden_config_blocks.map { |block| block.call Devise.warden_config }
    true
  end
end

+ (Object) friendly_token

Generate a friendly string randomly to be used as token.



476
477
478
# File 'lib/devise.rb', line 476

def self.friendly_token
  SecureRandom.urlsafe_base64(15).tr('lIO0', 'sxyz')
end

+ (Object) include_helpers(scope)

Include helpers in the given scope to AC and AV.



430
431
432
433
434
435
436
437
438
439
# File 'lib/devise.rb', line 430

def self.include_helpers(scope)
  ActiveSupport.on_load(:action_controller) do
    include scope::Helpers if defined?(scope::Helpers)
    include scope::UrlHelpers
  end

  ActiveSupport.on_load(:action_view) do
    include scope::UrlHelpers
  end
end

+ (Object) mailer

Get the mailer class from the mailer reference object.



323
324
325
# File 'lib/devise.rb', line 323

def self.mailer
  @@mailer_ref.get
end

+ (Object) mailer=(class_name)

Set the mailer reference object to access the mailer.



328
329
330
# File 'lib/devise.rb', line 328

def self.mailer=(class_name)
  @@mailer_ref = ref(class_name)
end

+ (Object) omniauth(provider, *args)

Specify an omniauth provider.

config.omniauth :github, APP_ID, APP_SECRET


423
424
425
426
427
# File 'lib/devise.rb', line 423

def self.omniauth(provider, *args)
  @@helpers << Devise::OmniAuth::UrlHelpers
  config = Devise::OmniAuth::Config.new(provider, args)
  @@omniauth_configs[config.strategy_name.to_sym] = config
end

+ (Object) omniauth_providers



318
319
320
# File 'lib/devise.rb', line 318

def self.omniauth_providers
  omniauth_configs.keys
end

+ (Object) ref(arg)



305
306
307
308
309
310
311
312
# File 'lib/devise.rb', line 305

def self.ref(arg)
  if defined?(ActiveSupport::Dependencies::ClassCache)
    ActiveSupport::Dependencies::reference(arg)
    Getter.new(arg)
  else
    ActiveSupport::Dependencies.ref(arg)
  end
end

+ (Object) regenerate_helpers!

Regenerates url helpers considering Devise.mapping



442
443
444
445
# File 'lib/devise.rb', line 442

def self.regenerate_helpers!
  Devise::Controllers::UrlHelpers.remove_helpers!
  Devise::Controllers::UrlHelpers.generate_helpers!
end

+ (Object) secure_compare(a, b)

constant-time comparison algorithm to prevent timing attacks



481
482
483
484
485
486
487
488
# File 'lib/devise.rb', line 481

def self.secure_compare(a, b)
  return false if a.blank? || b.blank? || a.bytesize != b.bytesize
  l = a.unpack "C#{a.bytesize}"

  res = 0
  b.each_byte { |byte| res |= byte ^ l.shift }
  res == 0
end

+ (Object) setup {|_self| ... }

Default way to setup Devise. Run rails generate devise_install to create a fresh initializer with all configuration values.

Yields:

  • (_self)

Yield Parameters:

  • _self (Devise)

    the object that the method was called on



291
292
293
# File 'lib/devise.rb', line 291

def self.setup
  yield self
end

+ (Object) warden(&block)

Sets warden configuration using a block that will be invoked on warden initialization.

Devise.setup do |config|
  config.allow_unconfirmed_access_for = 2.days

  config.warden do |manager|
    # Configure warden to use other strategies, like oauth.
    manager.oauth(:twitter)
  end
end


415
416
417
# File 'lib/devise.rb', line 415

def self.warden(&block)
  @@warden_config_blocks << block
end