Sha256: f2328f43bd36fb9d56593de23ea8835947bb8f05d2d528ca73a6e9b382456466

Contents?: true

Size: 1.21 KB

Versions: 19

Compression:

Stored size: 1.21 KB

Contents

# frozen_string_literal: true

require 'devise/strategies/authenticatable'

module Devise
  module Strategies
    # Default strategy for signing in a user, based on their email and password in the database.
    class DatabaseAuthenticatable < Authenticatable
      def authenticate!
        resource  = password.present? && mapping.to.find_for_database_authentication(authentication_hash)
        hashed = false

        if validate(resource){ hashed = true; resource.valid_password?(password) }
          remember_me(resource)
          resource.after_database_authentication
          success!(resource)
        end

        # In paranoid mode, hash the password even when a resource doesn't exist for the given authentication key.
        # This is necessary to prevent enumeration attacks - e.g. the request is faster when a resource doesn't
        # exist in the database if the password hashing algorithm is not called.
        mapping.to.new.password = password if !hashed && Devise.paranoid
        unless resource
          Devise.paranoid ? fail(:invalid) : fail(:not_found_in_database)
        end
      end
    end
  end
end

Warden::Strategies.add(:database_authenticatable, Devise::Strategies::DatabaseAuthenticatable)

Version data entries

19 entries across 18 versions & 4 rubygems

Version Path
trusty-cms-7.0.9.1 vendor/bundle/ruby/3.1.0/gems/devise-4.9.4/lib/devise/strategies/database_authenticatable.rb
trusty-cms-7.0.9.1 vendor/bundle/ruby/3.3.0/gems/devise-4.9.4/lib/devise/strategies/database_authenticatable.rb
blacklight-spotlight-3.6.0.beta8 vendor/bundle/ruby/3.2.0/gems/devise-4.9.4/lib/devise/strategies/database_authenticatable.rb
devise-4.9.4 lib/devise/strategies/database_authenticatable.rb
devise-4.9.3 lib/devise/strategies/database_authenticatable.rb
devise-4.9.2 lib/devise/strategies/database_authenticatable.rb
devise-4.9.1 lib/devise/strategies/database_authenticatable.rb
devise-4.9.0 lib/devise/strategies/database_authenticatable.rb
devise-4.8.1 lib/devise/strategies/database_authenticatable.rb
date_n_time_picker_activeadmin-0.1.2 vendor/bundle/ruby/2.6.0/gems/devise-4.8.0/lib/devise/strategies/database_authenticatable.rb
date_n_time_picker_activeadmin-0.1.1 vendor/bundle/ruby/2.6.0/gems/devise-4.8.0/lib/devise/strategies/database_authenticatable.rb
devise-4.8.0 lib/devise/strategies/database_authenticatable.rb
devise-4.7.3 lib/devise/strategies/database_authenticatable.rb
devise-4.7.2 lib/devise/strategies/database_authenticatable.rb
devise-4.7.1 lib/devise/strategies/database_authenticatable.rb
devise-4.7.0 lib/devise/strategies/database_authenticatable.rb
devise-4.6.2 lib/devise/strategies/database_authenticatable.rb
devise-4.6.1 lib/devise/strategies/database_authenticatable.rb
devise-4.6.0 lib/devise/strategies/database_authenticatable.rb