在允许用户使用devise（rails）登录之前，检查用户是否处于活动状态 [英] Check if user is active before allowing user to sign in with devise (rails)

问题描述

我正在使用devise并创建一个名为active的用户字段，它为true或false。我必须在允许用户登录之前手动使用户激活（true）。至少这是意图。我试过这个...

I am using devise and created a User field called :active which is either true or false. I have to manually make the user active (true) before the user is allowed to log in. At least that is the intent. I have tried this...

class SessionsController < Devise::SessionsController
  # POST /resource/sign_in
  def create
    "resource/signin CREATE"
    self.resource = warden.authenticate!(auth_options)
    unless resource.active?
      sign_out
      redirect_to :sorry_not_active_url
      return
    end
    set_flash_message(:notice, :signed_in) if is_navigational_format?
    sign_in(resource_name, resource)
    respond_with resource, :location => after_sign_in_path_for(resource)
  end  
end

但是这并不能捕捉到用户可以登录的地方，例如用户更改密码时，站点自动将其自动登录。但是，如果用户不活跃，我不希望他们被允许登录，而是被重定向到sorry_not_active_url。

However this does not catch all the places where a user can log in, for example, when a user changes their password, the site automatically logs them in automatically after. However, if the user is not active, I do not want them to be allowed to log in, but rather be redirected to a sorry_not_active_url.

什么是最好的方式如果用户不活跃，防止用户登录？

What would be the best way to prevent the user from signing in if the user is not active?

谢谢。

推荐答案

将这两种方法添加到用户模型中，设计应自动接收它们 - 您不应该需要扩展 Devise :: SessionsController

Add these two methods to your user model, devise should pick them up automatically - you should NOT need to extend Devise::SessionsController

def active_for_authentication?
  super && self.your_method_for_checking_active # i.e. super && self.is_active
end

def inactive_message
  "Sorry, this account has been deactivated."
end

这篇关于在允许用户使用devise（rails）登录之前，检查用户是否处于活动状态的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！