Module: Devise
- Defined in:
- lib/devise.rb,
lib/devise/orm.rb,
lib/devise/rails.rb,
lib/devise/models.rb,
lib/devise/mapping.rb,
lib/devise/version.rb,
lib/devise/omniauth.rb,
lib/devise/delegator.rb,
lib/devise/encryptor.rb,
lib/devise/failure_app.rb,
lib/devise/hooks/proxy.rb,
lib/devise/rails/routes.rb,
lib/devise/test_helpers.rb,
lib/devise/time_inflector.rb,
lib/devise/mailers/helpers.rb,
lib/devise/models/lockable.rb,
lib/devise/omniauth/config.rb,
lib/devise/strategies/base.rb,
lib/devise/token_generator.rb,
lib/devise/models/trackable.rb,
lib/devise/parameter_filter.rb,
lib/devise/models/confirmable.rb,
lib/devise/models/recoverable.rb,
lib/devise/models/timeoutable.rb,
lib/devise/models/validatable.rb,
lib/devise/controllers/helpers.rb,
lib/devise/models/omniauthable.rb,
lib/devise/models/registerable.rb,
lib/devise/models/rememberable.rb,
lib/devise/parameter_sanitizer.rb,
lib/devise/omniauth/url_helpers.rb,
lib/devise/controllers/responder.rb,
lib/devise/models/authenticatable.rb,
lib/generators/devise/orm_helpers.rb,
lib/devise/controllers/sign_in_out.rb,
lib/devise/controllers/url_helpers.rb,
lib/devise/strategies/rememberable.rb,
lib/devise/test/controller_helpers.rb,
lib/devise/controllers/rememberable.rb,
lib/devise/controllers/scoped_views.rb,
lib/devise/test/integration_helpers.rb,
lib/devise/controllers/store_location.rb,
lib/devise/strategies/authenticatable.rb,
lib/generators/devise/views_generator.rb,
lib/generators/devise/devise_generator.rb,
lib/generators/devise/install_generator.rb,
lib/devise/models/database_authenticatable.rb,
lib/generators/devise/controllers_generator.rb,
lib/devise/strategies/database_authenticatable.rb
Defined Under Namespace
Modules: Controllers, Encryptor, Generators, Hooks, Mailers, Models, OmniAuth, Orm, RouteSet, Strategies, Test, TestHelpers Classes: ConfirmationsController, Delegator, Engine, FailureApp, Getter, Mailer, Mapping, MissingWarden, OmniauthCallbacksController, ParameterFilter, ParameterSanitizer, PasswordsController, RegistrationsController, SessionsController, TimeInflector, TokenGenerator, UnlocksController
Constant Summary collapse
- ALL =
Constants which holds devise configuration for extensions. Those should not be modified by the “end user” (this is why they are constants).
[]
- CONTROLLERS =
{}
- ROUTES =
{}
- STRATEGIES =
{}
- URL_HELPERS =
{}
- NO_INPUT =
Strategies that do not require user input.
[]
- TRUE_VALUES =
True values used to check params
[true, 1, '1', 'on', 'ON', 't', 'T', 'true', 'TRUE']
- VERSION =
"5.0.0.beta".freeze
- @@secret_key =
nil
- @@rememberable_options =
{}
- @@stretches =
12
- @@http_authentication_key =
nil
- @@authentication_keys =
[:email]
- @@request_keys =
[]
- @@case_insensitive_keys =
[:email]
- @@strip_whitespace_keys =
[:email]
- @@http_authenticatable =
false
- @@http_authenticatable_on_xhr =
true
- @@params_authenticatable =
true
- @@http_authentication_realm =
"Application"
- @@email_regexp =
/\A[^@\s]+@[^@\s]+\z/
- @@password_length =
6..128
- @@remember_for =
2.weeks
- @@extend_remember_period =
false
- @@expire_all_remember_me_on_sign_out =
true
- @@allow_unconfirmed_access_for =
0.days
- @@confirm_within =
nil
- @@confirmation_keys =
[:email]
- @@reconfirmable =
true
- @@timeout_in =
30.minutes
- @@pepper =
nil
- @@send_email_changed_notification =
false
- @@send_password_change_notification =
false
- @@scoped_views =
false
- @@lock_strategy =
:failed_attempts
- @@unlock_keys =
[:email]
- @@unlock_strategy =
:both
- @@maximum_attempts =
20
- @@unlock_in =
1.hour
- @@reset_password_keys =
[:email]
- @@reset_password_within =
6.hours
- @@sign_in_after_reset_password =
true
- @@default_scope =
nil
- @@mailer_sender =
nil
- @@skip_session_storage =
[:http_auth]
["*/*", :html, :turbo_stream]
- @@responder =
Devise::Controllers::Responder
- @@sign_out_all_scopes =
true
- @@sign_out_via =
:delete
- @@parent_controller =
"ApplicationController"
- @@parent_mailer =
"ActionMailer::Base"
- @@router_name =
nil
- @@omniauth_path_prefix =
nil
- @@clean_up_csrf_token_on_authentication =
true
- @@reload_routes =
true
- @@mappings =
{}
- @@omniauth_configs =
{}
- @@helpers =
Set.new
- @@warden_config =
nil
- @@warden_config_blocks =
[]
- @@paranoid =
false
- @@last_attempt_warning =
true
- @@token_generator =
nil
- @@sign_in_after_change_password =
true
Class Method Summary collapse
-
.activerecord51? ⇒ Boolean
:nodoc:.
-
.add_mapping(resource, options) ⇒ Object
Small method that adds a mapping to Devise.
-
.add_module(module_name, options = {}) ⇒ Object
Register available devise modules.
- .available_router_name ⇒ Object
-
.configure_warden! ⇒ Object
A method used internally to complete the setup of warden manager after routes are loaded.
- .deprecator ⇒ Object
-
.friendly_token(length = 20) ⇒ Object
Generate a friendly string randomly to be used as token.
-
.include_helpers(scope) ⇒ Object
Include helpers in the given scope to AC and AV.
-
.mailer ⇒ Object
Get the mailer class from the mailer reference object.
-
.mailer=(class_name) ⇒ Object
Set the mailer reference object to access the mailer.
-
.omniauth(provider, *args) ⇒ Object
Specify an OmniAuth provider.
- .omniauth_providers ⇒ Object
- .ref(arg) ⇒ Object
-
.regenerate_helpers! ⇒ Object
Regenerates url helpers considering Devise.mapping.
-
.secure_compare(a, b) ⇒ Object
constant-time comparison algorithm to prevent timing attacks.
-
.setup {|_self| ... } ⇒ Object
Default way to set up Devise.
-
.warden(&block) ⇒ Object
Sets warden configuration using a block that will be invoked on warden initialization.
Class Method Details
.activerecord51? ⇒ Boolean
:nodoc:
527 528 529 530 531 532 533 |
# File 'lib/devise.rb', line 527 def self.activerecord51? # :nodoc: deprecator.warn <<-DEPRECATION.strip_heredoc [Devise] `Devise.activerecord51?` is deprecated and will be removed in the next major version. It is a non-public method that's no longer used internally, but that other libraries have been relying on. DEPRECATION defined?(ActiveRecord) && ActiveRecord.gem_version >= Gem::Version.new("5.1.x") end |
.add_mapping(resource, options) ⇒ Object
Small method that adds a mapping to Devise.
359 360 361 362 363 364 365 |
# File 'lib/devise.rb', line 359 def self.add_mapping(resource, ) mapping = Devise::Mapping.new(resource, ) @@mappings[mapping.name] = mapping @@default_scope ||= mapping.name @@helpers.each { |h| h.define_helpers(mapping) } mapping end |
.add_module(module_name, options = {}) ⇒ Object
Register available devise modules. For the standard modules that Devise provides, this method is called from lib/devise/modules.rb. Third-party modules need to be added explicitly using this method.
Note that adding a module using this method does not cause it to be used in the authentication process. That requires that the module be listed in the arguments passed to the ‘devise’ method in the model class definition.
Options:
+model+ - String representing the load path to a custom *model* for this module (to autoload.)
+controller+ - Symbol representing the name of an existing or custom *controller* for this module.
+route+ - Symbol representing the named *route* helper for this module.
+strategy+ - Symbol representing if this module got a custom *strategy*.
+insert_at+ - Integer representing the order in which this module's model will be included
All values, except :model, accept also a boolean and will have the same name as the given module name.
Examples:
Devise.add_module(:party_module)
Devise.add_module(:party_module, strategy: true, controller: :sessions)
Devise.add_module(:party_module, model: 'party_module/model')
Devise.add_module(:party_module, insert_at: 0)
392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 |
# File 'lib/devise.rb', line 392 def self.add_module(module_name, = {}) .assert_valid_keys(:strategy, :model, :controller, :route, :no_input, :insert_at) ALL.insert ([:insert_at] || -1), module_name if strategy = [:strategy] strategy = (strategy == true ? module_name : strategy) STRATEGIES[module_name] = strategy end if controller = [:controller] controller = (controller == true ? module_name : controller) CONTROLLERS[module_name] = controller end NO_INPUT << strategy if [:no_input] if route = [:route] case route when TrueClass key, value = module_name, [] when Symbol key, value = route, [] when Hash key, value = route.keys.first, route.values.flatten else raise ArgumentError, ":route should be true, a Symbol or a Hash" end URL_HELPERS[key] ||= [] URL_HELPERS[key].concat(value) URL_HELPERS[key].uniq! ROUTES[module_name] = key end if [:model] path = ([:model] == true ? "devise/models/#{module_name}" : [:model]) camelized = ActiveSupport::Inflector.camelize(module_name.to_s) Devise::Models.send(:autoload, camelized.to_sym, path) end Devise::Mapping.add_module module_name end |
.available_router_name ⇒ Object
339 340 341 |
# File 'lib/devise.rb', line 339 def self.available_router_name router_name || :main_app end |
.configure_warden! ⇒ Object
A method used internally to complete the setup of warden manager after routes are loaded. See lib/devise/rails/routes.rb - ActionDispatch::Routing::RouteSet#finalize_with_devise!
481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 |
# File 'lib/devise.rb', line 481 def self.configure_warden! #:nodoc: @@warden_configured ||= begin warden_config.failure_app = Devise::Delegator.new warden_config.default_scope = Devise.default_scope warden_config.intercept_401 = false Devise.mappings.each_value do |mapping| warden_config.scope_defaults mapping.name, strategies: mapping.strategies warden_config.serialize_into_session(mapping.name) do |record| mapping.to.serialize_into_session(record) end warden_config.serialize_from_session(mapping.name) do |args| mapping.to.serialize_from_session(*args) end end @@warden_config_blocks.map { |block| block.call Devise.warden_config } true end end |
.deprecator ⇒ Object
523 524 525 |
# File 'lib/devise.rb', line 523 def self.deprecator @deprecator ||= ActiveSupport::Deprecation.new("5.0", "Devise") end |
.friendly_token(length = 20) ⇒ Object
Generate a friendly string randomly to be used as token. By default, length is 20 characters.
506 507 508 509 510 511 |
# File 'lib/devise.rb', line 506 def self.friendly_token(length = 20) # To calculate real characters, we must perform this operation. # See SecureRandom.urlsafe_base64 rlength = (length * 3) / 4 SecureRandom.urlsafe_base64(rlength).tr('lIO0', 'sxyz') end |
.include_helpers(scope) ⇒ Object
Include helpers in the given scope to AC and AV.
462 463 464 465 466 467 468 469 470 471 |
# File 'lib/devise.rb', line 462 def self.include_helpers(scope) ActiveSupport.on_load(:action_controller) do include scope::Helpers if defined?(scope::Helpers) include scope::UrlHelpers end ActiveSupport.on_load(:action_view) do include scope::UrlHelpers end end |
.mailer ⇒ Object
Get the mailer class from the mailer reference object.
348 349 350 |
# File 'lib/devise.rb', line 348 def self.mailer @@mailer_ref.get end |
.mailer=(class_name) ⇒ Object
Set the mailer reference object to access the mailer.
353 354 355 |
# File 'lib/devise.rb', line 353 def self.mailer=(class_name) @@mailer_ref = ref(class_name) end |
.omniauth(provider, *args) ⇒ Object
Specify an OmniAuth provider.
config.omniauth :github, APP_ID, APP_SECRET
456 457 458 459 |
# File 'lib/devise.rb', line 456 def self.omniauth(provider, *args) config = Devise::OmniAuth::Config.new(provider, args) @@omniauth_configs[config.strategy_name.to_sym] = config end |
.omniauth_providers ⇒ Object
343 344 345 |
# File 'lib/devise.rb', line 343 def self.omniauth_providers omniauth_configs.keys end |
.ref(arg) ⇒ Object
331 332 333 334 335 336 337 |
# File 'lib/devise.rb', line 331 def self.ref(arg) # TODO: Remove AS::Dependencies usage when dropping support to Rails < 7. if ActiveSupport::Dependencies.respond_to?(:reference) ActiveSupport::Dependencies.reference(arg) end Getter.new(arg) end |
.regenerate_helpers! ⇒ Object
Regenerates url helpers considering Devise.mapping
474 475 476 477 |
# File 'lib/devise.rb', line 474 def self.regenerate_helpers! Devise::Controllers::UrlHelpers.remove_helpers! Devise::Controllers::UrlHelpers.generate_helpers! end |
.secure_compare(a, b) ⇒ Object
constant-time comparison algorithm to prevent timing attacks
514 515 516 517 518 519 520 521 |
# File 'lib/devise.rb', line 514 def self.secure_compare(a, b) return false if a.blank? || b.blank? || a.bytesize != b.bytesize l = a.unpack "C#{a.bytesize}" res = 0 b.each_byte { |byte| res |= byte ^ l.shift } res == 0 end |
.setup {|_self| ... } ⇒ Object
Default way to set up Devise. Run rails generate devise_install to create a fresh initializer with all configuration values.
312 313 314 |
# File 'lib/devise.rb', line 312 def self.setup yield self end |
.warden(&block) ⇒ Object
448 449 450 |
# File 'lib/devise.rb', line 448 def self.warden(&block) @@warden_config_blocks << block end |