过滤使用Devise登录的用户 [英] Filtering users who are able to sign in with Devise
问题描述
有一种简单的方式来扩展Devise的身份验证查找器,不会包括已删除的经销商的用户?可能在用户名上使用命名范围?
干杯
特里斯坦
所有我需要做的是覆盖我的用户模型的find_for_authentication方法:
class User< ActiveRecord :: Base
...
#拦截设计检查DealershipUser的经销权是否活动
def self.find_for_authentication(条件)
user = super $ b $如果user.is_a?(DealershipUser)& amp;&& user.dealership.deleted?
用户
结束
...
结束
- 通过调用super来以正常方式查找用户。
- 我使用STI,所以我检查用户是一个DealershipUser,然后检查经销商是否被删除(acts_as_paranoid)。
- 返回用户。
一个非常具体的解决方案,但是您可以覆盖find_for_authentication,但您可以随时返回用户。
I have a Rails app using Devise for authentication. Users belong to Dealers and I want to prevent users who belong to disabled dealers from being able to sign in.
Is there a straightforward way to extend Devise's authentication finder so that it will not include users from deleted dealers? Perhaps using a named scope on User?
Cheers
Tristan
Turns out all I needed to do was override my user model's find_for_authentication method:
class User < ActiveRecord::Base
...
# Intercept Devise to check if DealershipUser's Dealership is active
def self.find_for_authentication(conditions)
user = super
return nil if user.is_a?(DealershipUser) && user.dealership.deleted?
user
end
...
end
- Find the user in the normal way by calling super.
- I'm using STI so I check that the user is a DealershipUser and then check if the dealership is deleted (acts_as_paranoid).
- Return the user.
This is a very specific solution for my scenario but you could override find_for_authentication however you like provided you return the user afterwards.
这篇关于过滤使用Devise登录的用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!