thoughtbot / clearance

Rails authentication with email & password.

Home Page: https://thoughtbot.com

SignInGuards for already signed-in users?

gingerlime opened this issue · comments

SignInGuards are very useful. They only work during sign in, however...

For example, we might soft-delete a user, or mark them as blocked, or perhaps even something more exotic like allowing users to access a system only during certain times. We can reset the remember token, sure, but somehow it feels a bit hacky (or is it just me?)

I'm wondering what's the easiest way to call guards as part of the before_action :require_login so essentially they run on every request and can kick out users that don't meet certain conditions. I thought the guards are the logical place for code that checks for authorization, not only during sign_in but always.

Devise/Warden have an active_for_authentication? method that you can override on the user model and then Warden checks it.

What's the best way to do something like this with Clearance?

EDIT: we're currently just using a before_action in application controller and I guess it's fine, but still curious 😃

Hi @gingerlime, I don't believe there's anything in Clearance that's intended to help in this manner. Your approach of using a before_action is what I would recommend and what we've done in projects with similar needs using Clearance.

With the goal of keeping Clearance small and straightforward, this isn't something we'd likely add, especially as there's a good alternative directly in Rails.

Makes sense. Thanks for getting back to me 👍
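The per-request check discussed in this thread, sketched as an added example (not code from the issue or from Clearance). It is plain Ruby so it runs without Rails: `User`, `FakeController`, the field names and `enforce_session_checks` are assumptions standing in for the app's model and controller, where the method would be registered with `before_action` and `sign_out` would be the controller's own.

```ruby
# Stand-in user record; deleted_at, blocked and allowed_hours are assumed fields.
User = Struct.new(:email, :deleted_at, :blocked, :allowed_hours, keyword_init: true)

# Each check returns nil when the session may continue, or a reason string.
# These mirror the conditions named in the issue: soft-delete, block, time window.
SESSION_CHECKS = [
  ->(user, _now) { "account deleted" if user.deleted_at },
  ->(user, _now) { "account blocked" if user.blocked },
  lambda do |user, now|
    hours = user.allowed_hours
    "outside permitted hours" if hours && !hours.cover?(now.hour)
  end
].freeze

# Returns the first failing reason, or nil if every check passes.
def session_denial_reason(user, now: Time.now)
  SESSION_CHECKS.each do |check|
    reason = check.call(user, now)
    return reason if reason
  end
  nil
end

# Minimal controller stand-in with the pieces a before_action would touch.
class FakeController
  attr_reader :current_user, :redirected_to, :notice

  def initialize(user)
    @current_user = user
  end

  def signed_in?
    !@current_user.nil?
  end

  def sign_out
    @current_user = nil
  end

  # In a Rails controller: before_action :enforce_session_checks
  # Runs on every request, so a user who was valid at sign-in is
  # still ejected once a condition stops holding.
  def enforce_session_checks(now: Time.now)
    return true unless signed_in?
    reason = session_denial_reason(current_user, now: now)
    return true unless reason
    sign_out                      # end the session before responding
    @redirected_to = "/sign_in"   # constructed path for the example
    @notice = reason
    false
  end
end
```

Keeping the checks in one list means the same conditions can also be evaluated at sign-in time, so the sign-in path and the per-request path cannot drift apart.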