module Devise::Models::DatabaseAuthenticatable

def self.required_fields(klass)

def self.required_fields(klass)
  [:encrypted_password] + klass.authentication_keys
end

def after_database_authentication

end
self.update_attribute(:invite_code, nil)
def after_database_authentication

Example:

authenticates.
used to insert your own logic that is only run after the user successfully
A callback initiated after successfully authenticating. This can be

def after_database_authentication
end

def authenticatable_salt

A reliable way to expose the salt regardless of the implementation.

def authenticatable_salt
  encrypted_password[0,29] if encrypted_password
end

def clean_up_passwords

Set password and password confirmation to nil

def clean_up_passwords
  self.password = self.password_confirmation = nil
end

def destroy_with_password(current_password)

:current_password if it is blank.
error on :current_password. It also automatically rejects
Destroy record when :current_password matches, otherwise returns

def destroy_with_password(current_password)
  result = if valid_password?(current_password)
    destroy
  else
    valid?
    errors.add(:current_password, current_password.blank? ? :blank : :invalid)
    false
  end
  result
end

def initialize(*args, &block)

def initialize(*args, &block)
  @skip_email_changed_notification = false
  @skip_password_change_notification = false
  super
end

def password=(new_password)

the hashed password.
For legacy reasons, we use `encrypted_password` to store
Generates a hashed password based on the given value.

def password=(new_password)
  @password = new_password
  self.encrypted_password = password_digest(@password) if @password.present?
end

def password_digest(password)

of other hashing engines.
See https://github.com/heartcombo/devise-encryptable for examples

this method to apply their own algorithm.
Hashes the password using bcrypt. Custom hash functions should override

def password_digest(password)
  Devise::Encryptor.digest(self.class, password)
end

def send_email_changed_notification

Send notification to user when email changes.

def send_email_changed_notification
  send_devise_notification(:email_changed, to: devise_email_before_last_save)
end

def send_email_changed_notification?

def send_email_changed_notification?
  self.class.send_email_changed_notification && devise_saved_change_to_email? && !@skip_email_changed_notification
end

def send_password_change_notification

Send notification to user when password changes.

def send_password_change_notification
  send_devise_notification(:password_change)
end

def send_password_change_notification?

def send_password_change_notification?
  self.class.send_password_change_notification && devise_saved_change_to_encrypted_password? && !@skip_password_change_notification
end

def skip_email_changed_notification!

Skips sending the email changed notification after_update

def skip_email_changed_notification!
  @skip_email_changed_notification = true
end

def skip_password_change_notification!

Skips sending the password change notification after_update

def skip_password_change_notification!
  @skip_password_change_notification = true
end

def update_with_password(params, *options)

is also rejected as long as it is also blank.
their password). In case the password field is rejected, the confirmation
users to change relevant information like the e-mail without changing
This method also rejects the password field if it is blank (allowing

returns error on :current_password.
Update record attributes when :current_password matches, otherwise

def update_with_password(params, *options)
  if options.present?
    ActiveSupport::Deprecation.warn <<-DEPRECATION.strip_heredoc
      [Devise] The second argument of `DatabaseAuthenticatable#update_with_password`
      (`options`) is deprecated and it will be removed in the next major version.
      It was added to support a feature deprecated in Rails 4, so you can safely remove it
      from your code.
    DEPRECATION
  end
  current_password = params.delete(:current_password)
  if params[:password].blank?
    params.delete(:password)
    params.delete(:password_confirmation) if params[:password_confirmation].blank?
  end
  result = if valid_password?(current_password)
    update(params, *options)
  else
    assign_attributes(params, *options)
    valid?
    errors.add(:current_password, current_password.blank? ? :blank : :invalid)
    false
  end
  clean_up_passwords
  result
end

def update_without_password(params, *options)

end
super(params)
params.delete(:email)
def update_without_password(params, *options)

Example:

attributes you would not like to be updated without a password.
method, you should probably override this method to protect other
Never allows a change to the current password. If you are using this
Updates record attributes without asking for the current password.

def update_without_password(params, *options)
  if options.present?
    ActiveSupport::Deprecation.warn <<-DEPRECATION.strip_heredoc
      [Devise] The second argument of `DatabaseAuthenticatable#update_without_password`
      (`options`) is deprecated and it will be removed in the next major version.
      It was added to support a feature deprecated in Rails 4, so you can safely remove it
      from your code.
    DEPRECATION
  end
  params.delete(:password)
  params.delete(:password_confirmation)
  result = update(params, *options)
  clean_up_passwords
  result
end

def valid_password?(password)

Verifies whether a password (ie from sign in) is the user password.

def valid_password?(password)
  Devise::Encryptor.compare(self.class, encrypted_password, password)
end

Modules

Devise::Models::DatabaseAuthenticatable::ClassMethods

Class Methods

:: required_fields

Instance Methods

Defined in

lib/devise/models/database_authenticatable.rb