How to deactivate User – Rails with Devise

Sometimes when I find the time (which happens roughly 23 to 37 times each and every day) I visit Stack Overflow, hopefully to solve a problem – but regularly leave irritated and heartbroken because the solution is too geeky and doesn’t explain the core of the problem (translation: it’s hard to copy/paste).

 

So today I will explain the core of the problem (easy to copy/paste) for deactivation of the User model with Devise. The reason for writing this post was few hours of struggle reading a lot of unecessary code without reasonable explanations and the need to stop deleting important stuff from the database, so I just wanted to create something easy, quick and readable for the community. Enough of smart talk let’s begin with the real reason why we are here.

 

– I assume you already passed the Devise tutorial and already have an existing User model in your project (if not do it Here!). So, first off, we are going to run this command inside of our console to add a column named deactivated with bool value to our User model:
rails g migration add_deactivated_to_users deactivated:bool
– Just to be sure before running migrations – check your newly created file in db/migrate, it should contain the following:
class AddDeactivatedToUsers < ActiveRecord::Migration 
  def change
    add_column :users, :deactivated, :bool
  end
end
– If it looks inviting as this, run this command in you console:
rake db:migrate
– Now it’s time for some real stuff, we are going to override the User destroy method. Open up your user.rb in your models folder and add this:
def destroy
  update_attributes(deactivated: true) unless deactivated
end
– A quick explanation for curios souls – when destroy method is called on User model, we are updating the User’s deactivated column to true only if the user is not currently deactivated.

 

– Now when a User is being a baddie, they won’t  be deleted, they’ll only get deactivated. Still, we have to forbid them from logging in. If you closed your user.rb file, open it again and put this inside:
def active_for_authentication?
  super && !deactivated
end
– This method will be our insurance that the user can only login when he/she is not deactivated. When the user is deactivated and tries to login he/she will see the following message: ‘Your account is not activated yet’. To mix it up a bit or use something more appropriate for your own use case, we will need to change our local Devise messages.

 

– Open up config/locales/devise.en.yml (if you have more supported languages be sure to change the message on them too) and you will find our message under devise: failure: inactive: and change it to anything you find good for this bad user.

 

Hope you liked it and hope it helps. Thanks for reading.