I use Devise for authentication and I have an admin role who can manage users.
Apart from this the admin can also lock a user preventing him from logging in the future. I have created a Boolean field inside 'User' model called 'is_locked?'. When the admin locks a user this boolean field is set to true. Based on this info I can know if a user is locked or not.
Now when user tries to log in, before setting up his session, I have to check this logic. I'm clueless about where to add this logic. Or this any custom methods or events which devise provides, so that I can add it there.Answer1:
I've found that you can stack
before_filters in the controller, so if you wanted to check for an
authenticate_user!, you could also use a
authenticate_user!) to check for a locked user. If the user model has a boolean attribute
locked, you can simply write a private method in your controller (or helper) like this:
#top of controller before_filter authenticate_user! before_filter user_active! #bottom of controller private def user_active! unless current_user.locked? return true end redirect_to root_url, :notice => "Your account is locked." return false end
This will give you the page you want if you're an unlocked user, and redirect you to the root page with an error message if the user is locked.Answer2:
You can add an
active? method on the
def active? super && !self.is_locked? end