I use Devise for authentication and I have an admin role who can manage users.
Apart from this, the admin can also lock a user, preventing him from logging in in the future. I have created a Boolean field inside the 'User' model called 'is_locked?'. When the admin locks a user, this boolean field is set to true. Based on this info I can know if a user is locked or not.
Now when a user tries to log in, before setting up his session, I have to check this logic. I'm clueless about where to add this logic. Or are there any custom methods or events which Devise provides, so that I can add it there?
I've found that you can stack before_filters in the controller, so if you wanted to check for an authenticate_user!, you could also use a before_filter (after authenticate_user!) to check for a locked user. If the user model has a boolean attribute locked, you can simply write a private method in your controller (or helper) like this:
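
    # top of controller
    # Filter names are passed as symbols; a bare authenticate_user! here
    # would be called while the class body is evaluated.
    before_filter :authenticate_user!
    before_filter :user_active!

    # bottom of controller
    private

    # Lets unlocked users through; redirects locked users to the root page.
    def user_active!
      unless current_user.locked?
        return true
      end
      redirect_to root_url, :notice => "Your account is locked."
      return false
    end
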
This will give you the page you want if you're an unlocked user, and redirect you to the root page with an error message if the user is locked.
You can add an active? method on the User model:

    def active?
      super && !self.is_locked?
    end
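
The model-level hook from the last answer, as an added example that is not part of the original answers and is not Devise's own code. In current Devise the method is named `active_for_authentication?` (older releases called it `active?`), and Devise re-checks it each time it loads the user for a request, so locking an account also ends that user's existing session. `AuthenticatableStub` and `gate` are hypothetical stand-ins so the snippet runs without Rails.

```ruby
# Stand-in for the defaults Devise gives an authenticatable model
# (assumption: simplified; the real methods live in Devise itself).
module AuthenticatableStub
  def active_for_authentication?
    true
  end

  def inactive_message
    :inactive
  end
end

class User
  include AuthenticatableStub
  attr_accessor :email, :is_locked

  def initialize(email, is_locked: false)
    @email = email
    @is_locked = is_locked
  end

  def is_locked?
    !!@is_locked
  end

  # Current Devise name for the hook the answer calls active?.
  def active_for_authentication?
    super && !is_locked?
  end

  # Symbol that Devise looks up under devise.failure in the locale file.
  def inactive_message
    is_locked? ? :locked : super
  end
end

# Hypothetical gate modelled on Devise's check, which runs whenever the
# user is loaded for a request, not only when the login form is submitted.
def gate(user)
  return [:ok, user.email] if user.active_for_authentication?
  [:signed_out, user.inactive_message]
end

alice = User.new("alice@example.test") # constructed sample user
FIRST_REQUEST = gate(alice)            # session established
alice.is_locked = true                 # admin locks the account
NEXT_REQUEST = gate(alice)             # the existing session is cut off
```

Because the check lives on the model, it covers every controller and every already signed-in session without a per-controller filter.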