What is the best way to ban/block users with Devise for Rails?

Question

I'm using Devise for authentication in my rails app and I'd like to be able to block certain accounts and prevent users from reregistering with a blocked email. I'm just not sure what the best way is to go about it.

My first thought was to override the sessions and registrations controllers to check the model for a user with a blocked bit, but I have a feeling there might be a more elegant way.

Answer 1

I would do it like this:

def after_sign_in_path_for(resource)
  if resource.is_a?(User) && resource.banned?
    sign_out resource
    banned_user_path
  else
   super
  end
end

Answer 2

You could create a custom validation method in the User model, which, on create, checks weather the email is on the blocked list of emails. See how to do that very easily here: http://bit.ly/dw7BQg .