❗ This repository is no longer maintained. Please use https://github.com/castle/castle_devise instead.
Adds support to Devise for protecting your user accounts with Castle. Castle monitors your login system and stops account hijacks in real-time.
Before you start, make sure that you've set up Devise in your Rails application.
- First add the
devise_castlegem to your Gemfile:
gem 'devise_castle'- Install the gem:
bundle install- Take note of your API secret from your Castle dashboard and run the installation generator. This will add Castle configuration to your devise.rb initializer and add a devise_castle.en.yml to your locale files.
rails generate devise_castle:install YOUR-API-SECRET- When you are done, you are ready to add DeviseCastle to any of your Devise models using the following generator. Replace MODEL by the class name you want to add DeviseCastle, like
User,Admin, etc.
rails generate devise_castle MODEL- That's it! Now log in to your application and watch your user appear in the Castle dashboard.
These events are automatically tracked by the extension:
$login.succeeded$login.failed$logout.succeeded$registration.succeeded$registration.failed$password_change.succeeded$password_change.failed$password_reset.requested$password_reset.succeeded$password_reset.failed
These events need to be tracked manually:
$challenge.requested$challenge.succeeded$challenge.failed$email_change.requested$email_change.succeeded$email_change.failed
By default, all Castle exceptions are handled silently. Uncomment these lines in config/initializers/devise.rb to create a custom error handler:
# config.castle_error_handler = Proc.new { |exception|
# # Handle error from Castle
# }By default, the id field of your user model will be used as the identifer when creating and querying Castle users. If you have multiple user models that risk generating the same identifier, you can override castle_id in your models:
class Admin < User
def castle_id
"admin-#{id}"
end
end