Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to make Devise lockable with number of failed attempts

Using Devise 2.1.2 and Rails 3.2.6

I'm doing this Q&A just in case others run into this problem because I found little and scattered documentation for it.

This error may occur if you try to set up Devise as lockable.

undefined local variable or method `locked_at' for [someClass] 

It means your model doesn't have the appropriate attributes.

Prerequisites: Set up the following in config/initializers/devise.rb

# ==> Configuration for :lockable # Defines which strategy will be used to lock an account. # :failed_attempts = Locks an account after a number of failed attempts to sign in. # :none            = No lock strategy. You should handle locking by yourself. config.lock_strategy = :failed_attempts  # Defines which key will be used when locking and unlocking an account config.unlock_keys = [ :email ]  # Defines which strategy will be used to unlock an account. # :email = Sends an unlock link to the user email # :time  = Re-enables login after a certain amount of time (see :unlock_in below) # :both  = Enables both strategies # :none  = No unlock strategy. You should handle unlocking by yourself. config.unlock_strategy = :email  # Number of authentication tries before locking an account if lock_strategy # is failed attempts. config.maximum_attempts = 20  # Time interval to unlock the account if :time is enabled as unlock_strategy. # config.unlock_in = 1.hour 

Set up your model to include devise :lockable:

class Example < ActiveRecord::Base   # Include default devise modules. Others available are:   # :token_authenticatable, :confirmable,   # :lockable, :timeoutable and :omniauthable   devise :database_authenticatable, :registerable,          :recoverable, :rememberable, :trackable, :validatable, :lockable 
like image 200
David Nix Avatar asked Aug 10 '12 22:08

David Nix


2 Answers

Devise needs these three attributes on your model. Therefore, generate the following migration and run it.

class AddLockableToExamples < ActiveRecord::Migration   def change     add_column :examples, :failed_attempts, :integer, default: 0     add_column :examples, :unlock_token, :string # Only if unlock strategy is :email or :both     add_column :examples, :locked_at, :datetime   end end 

Hope this saves someone else hours of google-fu.

like image 139
David Nix Avatar answered Sep 18 '22 19:09

David Nix


Simply uncomment this strings in devise migration:

  ## Lockable   # t.integer  :failed_attempts, :default => 0 # Only if lock strategy is :failed_attempts   # t.string   :unlock_token # Only if unlock strategy is :email or :both   # t.datetime :locked_at 
like image 32
Mikhail Grishko Avatar answered Sep 17 '22 19:09

Mikhail Grishko