如何使devise与失败的尝试次数locking

使用Devise 2.1.2和Rails 3.2.6

我正在做这个问答,以防其他人遇到这个问题,因为我发现它的文档很less,散乱。

如果您尝试将Devise设置为可locking,则可能会发生此错误。

 undefined local variable or method `locked_at' for [someClass] 

这意味着你的模型没有适当的属性。

先决条件:在config / initializers / devise.rb中设置以下内容

 # ==> Configuration for :lockable # Defines which strategy will be used to lock an account. # :failed_attempts = Locks an account after a number of failed attempts to sign in. # :none = No lock strategy. You should handle locking by yourself. config.lock_strategy = :failed_attempts # Defines which key will be used when locking and unlocking an account config.unlock_keys = [ :email ] # Defines which strategy will be used to unlock an account. # :email = Sends an unlock link to the user email # :time = Re-enables login after a certain amount of time (see :unlock_in below) # :both = Enables both strategies # :none = No unlock strategy. You should handle unlocking by yourself. config.unlock_strategy = :email # Number of authentication tries before locking an account if lock_strategy # is failed attempts. config.maximum_attempts = 20 # Time interval to unlock the account if :time is enabled as unlock_strategy. # config.unlock_in = 1.hour 

设置你的模型包括devise :lockable

 class Example < ActiveRecord::Base # Include default devise modules. Others available are: # :token_authenticatable, :confirmable, # :lockable, :timeoutable and :omniauthable devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable, :lockable 

简单地在devise移植中取消注释这个string:

  ## Lockable # t.integer :failed_attempts, :default => 0 # Only if lock strategy is :failed_attempts # t.string :unlock_token # Only if unlock strategy is :email or :both # t.datetime :locked_at 

Devise需要这三个属性在你的模型上。 因此,生成以下迁移并运行它。

 class AddLockableToExamples < ActiveRecord::Migration def change add_column :examples, :failed_attempts, :integer, default: 0 add_column :examples, :unlock_token, :string # Only if unlock strategy is :email or :both add_column :examples, :locked_at, :datetime end end 

希望这可以节省别人的谷歌小时。