Class: Devise::Strategies::Rememberable
- Inherits:
-
Authenticatable
- Object
- Warden::Strategies::Base
- Base
- Authenticatable
- Devise::Strategies::Rememberable
- Defined in:
- lib/devise/strategies/rememberable.rb
Overview
Remember the user through the remember token. This strategy is responsible to verify whether there is a cookie with the remember token, and to recreate the user from this cookie if it exists. Must be called before authenticatable.
Instance Method Summary collapse
-
#authenticate! ⇒ Object
To authenticate a user we deserialize the cookie and attempt finding the record in the database.
-
#clean_up_csrf? ⇒ Boolean
No need to clean up the CSRF when using rememberable.
-
#valid? ⇒ Boolean
A valid strategy for rememberable needs a remember token in the cookies.
Instance Method Details
#authenticate! ⇒ Object
To authenticate a user we deserialize the cookie and attempt finding the record in the database. If the attempt fails, we pass to another strategy handle the authentication.
21 22 23 24 25 26 27 28 29 30 31 32 33 34 |
# File 'lib/devise/strategies/rememberable.rb', line 21 def authenticate! resource = mapping.to.(*) unless resource .delete(remember_key) return pass end if validate(resource) remember_me(resource) if extend_remember_me?(resource) resource.after_remembered success!(resource) end end |
#clean_up_csrf? ⇒ Boolean
No need to clean up the CSRF when using rememberable. In fact, cleaning it up here would be a bug because rememberable is triggered on GET requests which means we would render a page on first access with all csrf tokens expired.
41 42 43 |
# File 'lib/devise/strategies/rememberable.rb', line 41 def clean_up_csrf? false end |
#valid? ⇒ Boolean
A valid strategy for rememberable needs a remember token in the cookies.
13 14 15 16 |
# File 'lib/devise/strategies/rememberable.rb', line 13 def valid? = nil .present? end |