Callbacks

There are a number of callbacks at various points in the authentication cycle available.

• after_set_user
• after_authentication
• before_failure
• before_logout

With all callbacks, you can add as many as you like, and they will be executed in the order they were declared. If you want to prepend a callback, you should prefix each callback name with "prepend_", e.g. prepend_before_failure, prepend_before_logout and so on, and pass the same arguments described below.

h2. after_set_user

This is called every time the user is set. The user is set:

• on each request when they are accessed for the first time via env['warden'].user
• when the user is initially authenticated
• when the user is set via the set_user method

h3. Example

Warden::Manager.after_set_user do |user, auth, opts|
  unless user.active?
    auth.logout
    throw(:warden, :message => "User not active")
  end
end

h2. after_authentication

Executed every time the user is authenticated (first time in each session).

h3. Example

Warden::Manager.after_authentication do |user,auth,opts|
  user.last_login = Time.now
end

h2. before_failure

This callback is run right before the failure application is called. Failures

This is useful for mutating the env if required by the rack endpoint used. For example, some endpoints may require request.params[:action] to be set to the method name.

h3. Example

Warden::Manager.before_failure do |env, opts|
  request = Rack::Request.new(env)
  env['SCRIPT_INFO'] =~ /\/(.*)/
  request.params[:action] = $1
end

h2. before_logout

This callback is run before each user is logged out. This is useful for deleting a remember_me token from users.

h3. Example

Warden::Manager.before_logout do |user,auth,opts|
  user.forget_me!
  auth.response.delete_cookie "remember_token"
end