Module Devise::Models::DatabaseAuthenticatable
In: lib/devise/models/database_authenticatable.rb

Authenticatable Module, responsible for encrypting password and validating authenticity of a user while signing in.

Options

DatabaseAuthenticable adds the following options to devise_for:

  * +pepper+: a random string used to provide a more secure hash. Use
    `rake secret` to generate new keys.

  * +stretches+: the cost given to bcrypt.

Examples

   User.find(1).valid_password?('password123')         # returns true/false

Methods

Classes and Modules

Module Devise::Models::DatabaseAuthenticatable::ClassMethods

Public Instance methods

A reliable way to expose the salt regardless of the implementation.

Set password and password confirmation to nil

Generates password encryption based on the given value.

Update record attributes when :current_password matches, otherwise returns error on :current_password. It also automatically rejects :password and :password_confirmation if they are blank.

Updates record attributes without asking for the current password. Never allows to change the current password. If you are using this method, you should probably override this method to protect other attributes you would not like to be updated without a password.

Example:

  def update_without_password(params={})
    params.delete(:email)
    super(params)
  end

Verifies whether an password (ie from sign in) is the user password.

Protected Instance methods

Downcase case-insensitive keys

Digests the password using bcrypt.

[Validate]