class Devise::Strategies::Authenticatable

for an example.
parameters both from params or from http authorization headers. See database_authenticatable
This strategy should be used as basis for authentication strategies. It retrieves

def authenticatable_name

becomes simply :database.
Holds the authenticatable name for this class. Devise::Strategies::DatabaseAuthenticatable 
def authenticatable_name
  @authenticatable_name ||=
    ActiveSupport::Inflector.underscore(self.class.name.split("::").last).
      sub("_authenticatable", "").to_sym
end

def authentication_keys 

def authentication_keys
  @authentication_keys ||= mapping.to.authentication_keys
end

def clean_up_csrf?

reset CSRF data in the session
run through Authentication (user_set) very often, which would normally
Override and set to false for things like OmniAuth that technically 
def clean_up_csrf?
  true
end

def decode_credentials

Helper to decode credentials from HTTP. 
def decode_credentials
  return [] unless request.authorization && request.authorization =~ /^Basic (.*)/mi
  Base64.decode64($1).split(/:/, 2)
end

def http_auth_hash

Extract a hash with attributes:values from the http params. 
def http_auth_hash
  keys = [http_authentication_key, :password]
  Hash[*keys.zip(decode_credentials).flatten]
end

def http_authenticatable?

Check if the model accepts this strategy as http authenticatable. 
def http_authenticatable?
  mapping.to.http_authenticatable?(authenticatable_name)
end

def http_authentication_key 

def http_authentication_key
  @http_authentication_key ||= mapping.to.http_authentication_key || case authentication_keys
    when Array then authentication_keys.first
    when Hash then authentication_keys.keys.first
  end
end

def params_auth_hash

Extract the appropriate subhash for authentication from params. 
def params_auth_hash
  params[scope]
end

def params_authenticatable?

Check if the model accepts this strategy as params authenticatable. 
def params_authenticatable?
  mapping.to.params_authenticatable?(authenticatable_name)
end

def parse_authentication_key_values(hash, keys) 

def parse_authentication_key_values(hash, keys)
  keys.each do |key, enforce|
    value = hash[key].presence
    if value
      self.authentication_hash[key] = value
    else
      return false unless enforce == false
    end
  end
  true
end

def remember_me(resource)

Get values from params and set in the resource. 
def remember_me(resource)
  resource.remember_me = remember_me? if resource.respond_to?(:remember_me=)
end

def remember_me?

Should this resource be marked to be remembered? 
def remember_me?
  valid_params? && Devise::TRUE_VALUES.include?(params_auth_hash[:remember_me])
end

def request_keys 

def request_keys
  @request_keys ||= mapping.to.request_keys
end

def request_values 

def request_values
  keys = request_keys.respond_to?(:keys) ? request_keys.keys : request_keys
  values = keys.map { |k| self.request.send(k) }
  Hash[keys.zip(values)]
end

def store? 

def store?
  super && !mapping.to.skip_session_storage.include?(authentication_type)
end

def valid? 

def valid?
  valid_for_params_auth? || valid_for_http_auth?
end

def valid_for_http_auth?


* If all authentication keys are present;
* If any of the authorization headers were sent;
* Validating if the model allows http authentication;

Check if this is a valid strategy for http authentication by: 
def valid_for_http_auth?
  http_authenticatable? && request.authorization && with_authentication_hash(:http_auth, http_auth_hash)
end

def valid_for_params_auth?


* If all authentication keys are present;
* If the params[scope] returns a hash with credentials;
* If the request hits the sessions controller through POST;
* Validating if the model allows params authentication;

Check if this is a valid strategy for params authentication by: 
def valid_for_params_auth?
  params_authenticatable? && valid_params_request? &&
    valid_params? && with_authentication_hash(:params_auth, params_auth_hash)
end

def valid_params?

If the request is valid, finally check if params_auth_hash returns a hash. 
def valid_params?
  params_auth_hash.is_a?(Hash)
end

def valid_params_request?

By default, a request is valid if the controller set the proper env variable. 
def valid_params_request?
  !!env["devise.allow_params_authentication"]
end

def valid_password?

on this method for validating that a given password is correct.
the database. It only checks if the password is *present*. Do not rely
ensure that the password in the params matches the password stored in
Note: unlike `Model.valid_password?`, this method does not actually 
def valid_password?
  password.present?
end

def validate(resource, &block)

unauthenticated_message.
In case the resource can't be validated, it will fail with the given

for more information.
given as parameter. Check Devise::Models::Authenticatable.valid_for_authentication?
A block that will be triggered while validating can be optionally
Receives a resource and check if it is valid by calling valid_for_authentication? 
def validate(resource, &block)
  result = resource && resource.valid_for_authentication?(&block)
  if result
    true
  else
    if resource
      fail!(resource.unauthenticated_message)
    end
    false
  end
end

def with_authentication_hash(auth_type, auth_values)

Sets the authentication hash and the password from params_auth_hash or http_auth_hash. 
def with_authentication_hash(auth_type, auth_values)
  self.authentication_hash, self.authentication_type = {}, auth_type
  self.password = auth_values[:password]
  parse_authentication_key_values(auth_values, authentication_keys) &&
  parse_authentication_key_values(request_values, request_keys)
end