module Devise::Models::AuthyLockable

Handles blocking a user access after a certain number of attempts. Requires proper configuration of the Devise::Models::Lockable module.

Public Instance Methods

invalid_authy_attempt!() click to toggle source

Public: Handle a failed 2FA attempt. If the resource is lockable via Devise::Models::Lockable module then enforce that setting.

Returns true if the user is locked out.

# File lib/devise-authy/models/authy_lockable.rb, line 24
def invalid_authy_attempt!
  return false unless lockable?

  self.failed_attempts ||= 0
  self.failed_attempts += 1

  if attempts_exceeded?
    lock_access! unless access_locked?
    true
  else
    save validate: false
    false
  end
end
lockable?() click to toggle source

Public: Determine if this is a lockable resource, via Devise::Models::Lockable. Returns true Raises an error if the Devise::Models::Lockable module is not configured.

# File lib/devise-authy/models/authy_lockable.rb, line 15
def lockable?
  raise 'Devise lockable extension required' unless respond_to? :lock_access!
  Devise.lock_strategy == :failed_attempts
end