Adding symbols only on validate

lib/devise/models/authenticatable.rb

@@ -78,6 +78,10 @@ def valid_for_authentication?
         block_given? ? yield : true
       end
 
+      def unauthenticated_message
+        :invalid
+      end
+
       def active_for_authentication?
         true
       end
@@ -214,4 +218,4 @@ def generate_token(column)
       end
     end
   end
-end
+end

lib/devise/models/lockable.rb

@@ -92,14 +92,21 @@ def valid_for_authentication?
           self.failed_attempts += 1
           if attempts_exceeded?
             lock_access! unless access_locked?
-            return :locked
           else
             save(:validate => false)
           end
           false
         end
       end
 
+      def unauthenticated_message
+        if self.respond_to?(:failed_attempts) && attempts_exceeded?
+          :locked
+        else
+          super
+        end
+      end
+
       protected
 
         def attempts_exceeded?

lib/devise/models/token_authenticatable.rb

@@ -56,6 +56,7 @@ def ensure_authentication_token!
       def after_token_authentication
       end
 
+
       module ClassMethods
         def find_for_token_authentication(conditions)
           find_for_authentication(:authentication_token => conditions[token_authentication_key])
@@ -70,4 +71,4 @@ def authentication_token
       end
     end
   end
-end
+end

lib/devise/strategies/authenticatable.rb

@@ -23,14 +23,20 @@ def validate(resource, &block)
         result = resource && resource.valid_for_authentication?(&block)
 
         case result
-        when String, Symbol
+        when Symbol, String
+          ActiveSupport::Deprecation.warn "valid_for_authentication should return a boolean value"
           fail!(result)
-          false
-        when TrueClass
+          return false
+        end
+
+        if result
           decorate(resource)
           true
         else
-          result
+          if resource
+            fail!(resource.unauthenticated_message)
+          end
+          false
         end
       end