If we need to support additional parameters for devise authentication besides normal(username/email with password). We can do this in devise by overiding an existing method, 'active_for_authentication?'. After authenticating a user and in each request, Devise checks if your model is active by calling model.active_for_authentication?
Consider a feature 'Lock sub user', here we can add a boolean flag 'is_locked', based on this flag we enable or disable the authentication for the sub-user:
def active_for_authentication? super && !is_locked end
Instead of !is_locked, we can also add a custom method which:
-
returns a boolean
-
based on single or multiple parameters
Please refer this wiki: [user account status validation...(Devise link)][1]
If the method 'active_for_authentication?' returns false, method 'inactive_message' is invoked, user will receive notification for being inactive. We need to customize the message as well:
def inactive_message !is_locked ? super : :is_locked end
Now this will refer the custom message for 'is_locked' and not inactive, which we need to define in devise translation file.
devise:
failure:
inactive: 'Your account was not activated yet.'
is_locked: 'Your account has been locked.'
Thank you.
[1]: https://github.com/plataformatec/devise/wiki/How-To:-Customize-user-account-status-validation-when-logging-in