Devise - How do I forbid certain users from signing in?

I am using Devise for authentication in my application.

How do I forbid certain users from signing in - kind of disable a user?


Solution 1:

Do it like this:

Create a column called is_active for the User model.

Then add the code below to the User model:

class User < ActiveRecord::Base
  # This method is called by Devise to check the "active" state of the model.
  def active_for_authentication?
    # Remember to call super, then add our own check that determines
    # the "active" state from our own "is_active" column.
    super && is_active?
  end
end

UPDATE

As Matt Huggins notes, the method is now called active_for_authentication? (Documentation)

Solution 2:

Add a column to the User model: allowed_to_log_in.

Then add this to /app/models/user.rb:

def active_for_authentication?
  super && allowed_to_log_in?
end

If you want to inform the user with a custom message you can add this as well:

def inactive_message
  "You are not allowed to log in."
end

I think that is quite important because the standard message from Devise says:

"Your account is not activated yet."

That is confusing for users and the real reason is that you have "banned" them from logging in.
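
Added example, not part of either answer above: a plain-Ruby sketch of why both overrides call super. The BaseAuth and LockCheck modules, the Account struct, the :account_disabled key and sign_in_result are constructed stand-ins for this example, not Devise's own code; dropping super lets a locked account pass the custom check.

```ruby
# Stand-ins for Devise's module chain, constructed for this example (not
# Devise's source). Each layer defers to the one beneath it with super.
module BaseAuth
  def active_for_authentication?
    true
  end

  def inactive_message
    :inactive
  end
end

module LockCheck # plays the role of a lockout module
  def active_for_authentication?
    super && !locked
  end

  def inactive_message
    locked ? :locked : super
  end
end

Account = Struct.new(:email, :is_active, :locked) do
  include BaseAuth
  include LockCheck
end

class WithSuper < Account
  def active_for_authentication?
    super && is_active == true # nil (column never set) fails closed
  end

  def inactive_message
    is_active == true ? super : :account_disabled # hypothetical message key
  end
end

class WithoutSuper < Account
  def active_for_authentication?
    is_active == true # LockCheck is never consulted
  end
end

# Simplified sign-in gate: the result is :signed_in or the rejection reason.
def sign_in_result(user)
  user.active_for_authentication? ? :signed_in : user.inactive_message
end
```

With a locked but otherwise enabled account, WithSuper is rejected with :locked while WithoutSuper is signed in.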