Allow overwriting find for authentication method.

lib/devise/models/authenticatable.rb

@@ -60,16 +60,23 @@ module Devise
         end
 
       module ClassMethods
-        # Authenticate a user based on email and password. Returns the
+        # Authenticate a user based on configured attribute keys. Returns the
-        # authenticated user if it's valid or nil.
+        # authenticated user if it's valid or nil. Attributes are by default
-        # Attributes are :email and :password
+        # :email and :password, the latter is always required.
         def authenticate(attributes={})
           return unless authentication_keys.all? { |k| attributes[k].present? }
           conditions = attributes.slice(*authentication_keys)
-          authenticatable = find(:first, :conditions => conditions)
+          authenticatable = find_for_authentication(conditions)
           authenticatable if authenticatable.try(:valid_password?, attributes[:password])
         end
 
+        # Find first record based on conditions given (ie by the sign in form).
+        # Overwrite to add customized conditions, create a join, or maybe use a
+        # namedscope to filter records while authenticating.
+        def find_for_authentication(conditions)
+          find(:first, :conditions => conditions)
+        end
+
         # Attempt to find a user by it's email. If not user is found, returns a
         # new user with an email not found error.
         def find_or_initialize_with_error_by_email(email)

test/models/authenticatable_test.rb

@@ -136,6 +136,16 @@ class AuthenticatableTest < ActiveSupport::TestCase
     end
   end
 
+  test 'should allow overwriting find for authentication conditions' do
+    admin = Admin.create!(valid_attributes)
+    assert_not_nil Admin.authenticate(:email => admin.email, :password => admin.password)
+  end
+
+  test 'should never authenticate an account' do
+    account = Account.create!(valid_attributes)
+    assert_nil Account.authenticate(:email => account.email, :password => account.password)
+  end
+
   test 'should serialize user into session' do
     user = create_user
     assert_equal [User, user.id], User.serialize_into_session(user)

test/rails_app/app/models/account.rb

@@ -1,3 +1,7 @@
 class Account < ActiveRecord::Base
   devise :all
+
+  def self.find_for_authentication(conditions)
+    nil
+  end
 end

test/rails_app/app/models/admin.rb

@@ -1,3 +1,7 @@
 class Admin < ActiveRecord::Base
   devise :all, :except => [:recoverable, :confirmable, :rememberable, :validatable]
+
+  def self.find_for_authentication(conditions)
+    last(:conditions => conditions)
+  end
 end

test/test_helper.rb

@@ -15,12 +15,12 @@ ActiveRecord::Base.logger = Logger.new(nil)
 ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")
 
 ActiveRecord::Schema.define(:version => 1) do
-  [:users, :admins].each do |table|
+  [:users, :admins, :accounts].each do |table|
     create_table table do |t|
       t.authenticatable :null => table == :admins
-      t.string :username if table == :users
 
-      if table == :users
+      if table != :admin
+        t.string :username
         t.confirmable
         t.recoverable
         t.rememberable