module Devise::Models::Rememberable

Rememberable manages generating and clearing token for remember the user from a saved cookie. Rememberable also has utility methods for dealing with serializing the user into the cookie and back from the cookie, trying to lookup the record based on the saved information. You probably wouldn’t use rememberable methods directly, they are used mostly internally for handling the remember token.

Options

Rememberable adds the following options in devise_for:

* +remember_for+: the time you want the user will be remembered without
  asking for credentials. After this time the user will be blocked and
  will have to enter his credentials again. This configuration is also
  used to calculate the expires time for the cookie created to remember
  the user. By default remember_for is 2.weeks.

* +extend_remember_period+: if true, extends the user's remember period
  when remembered via cookie. False by default.

* +cookie_options+: configuration options passed to the created cookie.

Examples

User.find(1).remember_me!  # regenerating the token
User.find(1).forget_me!    # clearing the token

# generating info to put into cookies
User.serialize_into_cookie(user)

# lookup the user based on the incoming cookie information
User.serialize_from_cookie(cookie_string)

Attributes

extend_remember_period[RW]
remember_me[RW]

Public Instance Methods

forget_me!() click to toggle source

If the record is persisted, remove the remember token (but only if it exists), and save the record without validations.

# File lib/devise/models/rememberable.rb, line 53
def forget_me!
  if persisted?
    self.remember_token = nil if respond_to?(:remember_token=)
    self.remember_created_at = nil
    save(:validate => false)
  end
end
remember_expired?() click to toggle source

Remember token should be expired if expiration time not overpass now.

# File lib/devise/models/rememberable.rb, line 62
def remember_expired?
  remember_created_at.nil? || (remember_expires_at <= Time.now.utc)
end
remember_expires_at() click to toggle source

Remember token expires at created time + remember_for configuration

# File lib/devise/models/rememberable.rb, line 67
def remember_expires_at
  remember_created_at + self.class.remember_for
end
remember_me!(extend_period=false) click to toggle source

Generate a new remember token and save the record without validations unless remember_across_browsers is true and the user already has a valid token.

# File lib/devise/models/rememberable.rb, line 46
def remember_me!(extend_period=false)
  self.remember_created_at = Time.now.utc if generate_remember_timestamp?(extend_period)
  save(:validate => false)
end
rememberable_value() click to toggle source
# File lib/devise/models/rememberable.rb, line 71
def rememberable_value
  if salt = authenticatable_salt
    salt
  else
    raise "authenticable_salt returned nil for the #{self.class.name} model. "              "In order to use rememberable, you must ensure a password is always set "              "or implement rememberable_value in your model with your own logic."
  end
end