How To: Customize user account status validation when logging in

Jonny Burch edited this page Dec 19, 2018 · 12 revisions

Sometimes you want to add custom validation to the user before logging them in. In this case I needed to implement an account_active boolean (true or false) check. So if it's true it will allow the user to login and create a session, if false it will display the "account not active" error.

Overwrite the active_for_authentication? method in your model (User) and add your validation logic. You want to return super && (true or false)

      def active_for_authentication?
        # Uncomment the below debug statement to view the properties of the returned self model values.
        # logger.debug self.to_yaml
        	
        super && account_active?
      end

In this case it checks the boolean value to account_active and it return it's value to the sign in method that called it.

The original active_for_authentication? method can be found in devise/lib/devise/models/authenticatable.rb.

Note: active_for_authentication? is called by Devise after authenticating user and in each request that follows. This means whatever code you add to the override of active_for_authentication? will be run for every request during the user's session.

Note: active_for_authentication? is not being called for each request when using database_authenticatable. It only gets called on login. Not sure if this is intended behavior.

Customize error message

If the method 'active_for_authentication?' returns false, method 'inactive_message' is invoked, user will receive notification for being inactive. We need to customize the message as well:

  def inactive_message
    account_active? ? super : :account_inactive
  end

Now this will refer the custom message for 'account_inactive' and not 'inactive', which we need to define in devise translation file.

   devise:
     failure:
       inactive: 'Your account was not activated yet.'
       account_inactive: 'Your account is not active.'
     registrations:
       signed_up_but_account_inactive: "Thanks for signing up. We'll let you know when your account is active"

Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.