class Devise::Strategies::Rememberable
Remember the user through the remember token. This strategy is responsible to verify whether there is a cookie with the remember token, and to recreate the user from this cookie if it exists. Must be called before authenticatable.
Public Instance Methods
authenticate!()
click to toggle source
To authenticate a user we deserialize the cookie and attempt finding the record in the database. If the attempt fails, we pass to another strategy handle the authentication.
# File lib/devise/strategies/rememberable.rb, line 21 def authenticate! resource = mapping.to.serialize_from_cookie(*remember_cookie) unless resource cookies.delete(remember_key) return pass end if validate(resource) remember_me(resource) if extend_remember_me?(resource) resource.after_remembered success!(resource) end end
clean_up_csrf?()
click to toggle source
No need to clean up the CSRF when using rememberable. In fact, cleaning it up here would be a bug because rememberable is triggered on GET requests which means we would render a page on first access with all csrf tokens expired.
# File lib/devise/strategies/rememberable.rb, line 41 def clean_up_csrf? false end
valid?()
click to toggle source
A valid strategy for rememberable needs a remember token in the cookies.
# File lib/devise/strategies/rememberable.rb, line 13 def valid? @remember_cookie = nil remember_cookie.present? end
Private Instance Methods
extend_remember_me?(resource)
click to toggle source
# File lib/devise/strategies/rememberable.rb, line 47 def extend_remember_me?(resource) resource.respond_to?(:extend_remember_period) && resource.extend_remember_period end
remember_key()
click to toggle source
# File lib/devise/strategies/rememberable.rb, line 55 def remember_key mapping.to.rememberable_options.fetch(:key, "remember_#{scope}_token") end
remember_me?()
click to toggle source
# File lib/devise/strategies/rememberable.rb, line 51 def remember_me? true end