在允许用户使用设备(导轨)登录之前检查用户是否处于活动状态 [英] Check if user is active before allowing user to sign in with devise (rails)

问题描述

我正在使用 devise 并创建了一个名为 :active 的用户字段，该字段为真或假.在允许用户登录之前，我必须手动使用户处于活动状态(true).至少这是意图.我试过这个...

I am using devise and created a User field called :active which is either true or false. I have to manually make the user active (true) before the user is allowed to log in. At least that is the intent. I have tried this...

class SessionsController < Devise::SessionsController
  # POST /resource/sign_in
  def create
    "resource/signin CREATE"
    self.resource = warden.authenticate!(auth_options)
    unless resource.active?
      sign_out
      redirect_to :sorry_not_active_url
      return
    end
    set_flash_message(:notice, :signed_in) if is_navigational_format?
    sign_in(resource_name, resource)
    respond_with resource, :location => after_sign_in_path_for(resource)
  end  
end

然而，这并没有涵盖用户可以登录的所有地方，例如，当用户更改密码时，网站会在之后自动登录.但是，如果用户不活跃，我不希望他们被允许登录，而是被重定向到一个 sorry_not_active_url.

However this does not catch all the places where a user can log in, for example, when a user changes their password, the site automatically logs them in automatically after. However, if the user is not active, I do not want them to be allowed to log in, but rather be redirected to a sorry_not_active_url.

如果用户不活跃，阻止用户登录的最佳方法是什么?

What would be the best way to prevent the user from signing in if the user is not active?

谢谢.

推荐答案

将这两个方法添加到您的用户模型中，devise 应该自动选取它们 - 您不需要扩展 Devise::SessionsController

Add these two methods to your user model, devise should pick them up automatically - you should NOT need to extend Devise::SessionsController

def active_for_authentication?
  super && self.your_method_for_checking_active # i.e. super && self.is_active
end

def inactive_message
  "Sorry, this account has been deactivated."
end

这篇关于在允许用户使用设备(导轨)登录之前检查用户是否处于活动状态的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！