How to stop soft deleted user's login with Devise

Question

I currently use Devise for user registration/authentication in a Rails project. When a user wants to cancel their account, the user object is soft deleted in a way like the

Answer 1

I haven't tried anything like that but it seems if you want to catch the user before authentication you'll either have to write a Devise authentication strategy or a before_filter to be run before authenticate_user!. Something like:

before_filter :no_deleted_users

def no_deleted_users
  if User.find(params[:email]).deleted?
    redirect_to root_path, :flash => { :error => "Your user was deleted.  You cannot log in." } 
  end
end

Although it might be more complex to get the user than that. I haven't played with Devise pre-authentication.