module Devise::Models::Lockable

def valid_for_authentication?

is locked, it should never be allowed.
for verifying whether a user is allowed to sign in or not. If the user
Overwrites valid_for_authentication? from Devise::Models::Authenticatable

def valid_for_authentication?
  return super unless persisted? && lock_strategy_enabled?(:failed_attempts)
  # Unlock the user if the lock is expired, no matter
  # if the user can login or not (wrong password, etc)
  unlock_access! if lock_expired?
  if super && !access_locked?
    true
  else
    self.failed_attempts ||= 0
    self.failed_attempts += 1
    if attempts_exceeded?
      lock_access! unless access_locked?
    else
      save(:validate => false)
    end
    false
  end
end

Class Methods

:: required_fields

Instance Methods

# access_locked?
# active_for_authentication?
# attempts_exceeded?
# generate_unlock_token
# generate_unlock_token!
# if_access_locked
# inactive_message
# lock_access!
# lock_expired?
# resend_unlock_token
# send_unlock_instructions
# unauthenticated_message
# unlock_access!
# valid_for_authentication?

Modules

Classes

module Devise::Models::Lockable

def valid_for_authentication?

Class Methods

Instance Methods