lib/devise/models/authenticatable.rb in devise-2.2.3 vs lib/devise/models/authenticatable.rb in devise-2.2.4
- old
+ new
@@ -8,16 +8,19 @@
#
# Authenticatable adds the following options to devise_for:
#
# * +authentication_keys+: parameters used for authentication. By default [:email].
#
+ # * +http_authentication_key+: map the username passed via HTTP Auth to this parameter. Defaults to
+ # the first element in +authentication_keys+.
+ #
# * +request_keys+: parameters from the request object used for authentication.
# By specifying a symbol (which should be a request method), it will automatically be
# passed to find_for_authentication method and considered in your model lookup.
#
# For instance, if you set :request_keys to [:subdomain], :subdomain will be considered
- # as key on authentication. This can also be a hash where the value is a boolean expliciting
+ # as key on authentication. This can also be a hash where the value is a boolean specifying
# if the value is required or not.
#
# * +http_authenticatable+: if this model allows http authentication. By default true.
# It also accepts an array specifying the strategies that should allow http.
#
@@ -30,11 +33,11 @@
# by default is set to :skip_session_storage => [:http_auth].
#
# == active_for_authentication?
#
# After authenticating a user and in each request, Devise checks if your model is active by
- # calling model.active_for_authentication?. This method is overwriten by other devise modules. For instance,
+ # calling model.active_for_authentication?. This method is overwritten by other devise modules. For instance,
# :confirmable overwrites .active_for_authentication? to only return true if your model was confirmed.
#
# You overwrite this method yourself, but if you do, don't forget to call super:
#
# def active_for_authentication?
@@ -138,18 +141,30 @@
#
# after_commit :send_pending_notifications
#
# protected
#
- # def send_devise_notification(notification)
- # pending_notifications << notification
+ # def send_devise_notification(notification, opts = {})
+ # # if the record is new or changed then delay the
+ # # delivery until the after_commit callback otherwise
+ # # send now because after_commit will not be called.
+ # if new_record? || changed?
+ # pending_notifications << [notification, opts]
+ # else
+ # devise_mailer.send(notification, self, opts).deliver
+ # end
# end
#
# def send_pending_notifications
- # pending_notifications.each do |n|
- # devise_mailer.send(n, self).deliver
+ # pending_notifications.each do |n, opts|
+ # devise_mailer.send(n, self, opts).deliver
# end
+ #
+ # # Empty the pending notifications array because the
+ # # after_commit hook can be called multiple times which
+ # # could cause multiple emails to be sent.
+ # pending_notifications.clear
# end
#
# def pending_notifications
# @pending_notifications ||= []
# end
@@ -180,11 +195,12 @@
end
end
module ClassMethods
Devise::Models.config(self, :authentication_keys, :request_keys, :strip_whitespace_keys,
- :case_insensitive_keys, :http_authenticatable, :params_authenticatable, :skip_session_storage)
+ :case_insensitive_keys, :http_authenticatable, :params_authenticatable, :skip_session_storage,
+ :http_authentication_key)
def serialize_into_session(record)
[record.to_key, record.authenticatable_salt]
end
@@ -213,10 +229,10 @@
# Overwrite to add customized conditions, create a join, or maybe use a
# namedscope to filter records while authenticating.
# Example:
#
# def self.find_for_authentication(tainted_conditions)
- # find_first_by_auth_conditions(tainted_conditions, active: true)
+ # find_first_by_auth_conditions(tainted_conditions, :active => true)
# end
#
# Finally, notice that Devise also queries for users in other scenarios
# besides authentication, for example when retrieving an user to send
# an e-mail for password reset. In such cases, find_for_authentication