1

I'm using discard gem for Soft deletion. Once user gets Soft-Deleted, user can still receive forget password emails. Because Devise password controller does not care either its soft-deleted or not ?

I'm using following Devise modules, it seems, i may need to fix for all modules:-

  • :confirmable,
  • :recoverable,
  • :timeoutable,
  • :trackable
  • :lockable
  • :authenticatable

Though I'm able to fix login issue with authenticatable by overriding find_for_authentication method in user model, but it doesn't seem to be working with other Devise modules.

Any Idea, how i can fix soft-deletion issues with Devise ?

I'm using devise(4.6.2), discard (1.0.0), Rails 5.1.6.2

Sergio Tulentsev
  • 226,338
  • 43
  • 373
  • 367
kashif
  • 1,097
  • 4
  • 17
  • 32

2 Answers2

1

You could use a default scope, ex:

class User
  ...
  default_scope -> { kept }
  ...
end

Other discard scopes like discarded and with_discarded should keep working since they operate on the same column (discard_column), so they would override the default scope. That way, there's no need to override any of devise methods

Juan Fuentes
  • 1,743
  • 2
  • 20
  • 33
  • its already in my mind but I do not want to use default_scope due to some code dependencies in the application. is there any other setting in devise which i can use for soft-deletion – kashif May 29 '19 at 16:27
1

Finally I'm able to fix it by overriding following method in user.rb. any one else, if facing the same issue, can fix it in following way:

# Override to add condition to ignore soft deleted users
def self.find_first_by_auth_conditions(conditions, opts = {})
  opts.reverse_merge!(discarded_at: nil)

  super
 end
kashif
  • 1,097
  • 4
  • 17
  • 32