This post is an extension of Abhijit's article here - http://kiprosh.com/blog/180(Customizing Devise authentication, to disable or enable user authentication.)
It helped me to add further customization to check if user has active chargify_subscription and then only proceed to login otherwise show custom message instead of default devise message.

Here is what we did (2 step process).

  1. In our user model (specifically user_extensions) override devise method active_for_authentication as follows
def active_for_authentication?
  super && !is_locked && active_subscription?
end

Calling super first is very important here, to have devise perform all its regular checks first and then upon success we can proceed to add our custom checks.

is_locked is a flag and active_subscription? is a user instance method in our model that checks if user has active subscription in Chargify.

In the above code, we have added custom checks "is_locked" and then "active_subscription?"
Accordingly we also show custom message to user based on the user's lock or subscription state. To do so, override method "inactive_message".

  1. In our user model (specifically user_extensions) override devise method inactive_message as follows
def inactive_message
  return :unauthorised unless active_subscription?
  !is_locked ? super : :is_locked
end

Here :unauthorised is a custom message in our config/locales/devise.en.yml as follows

  devise:
    failure:
      already_authenticated: 'You are already signed in.'
      unauthenticated: 'You need to sign in or sign up before continuing.'
      unconfirmed: 'You have to confirm your account before continuing.'
      invalid: 'Invalid email or password.'
      is_locked: 'Your account has been locked. Please contact owner of this account.'
      unauthorised: "You do not have an active subscription. Please subscribe to log in to your account."</pre>