auth_activity 0.1.1

@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 6a54b8f73dcb2fc1e97da5d32d41b62b52ed0b9c75c0ecfce1e76259a925bfc2
4
+ data.tar.gz: 36060c0d21776ffa7f27a75ccc6d728ad8718590c91f0e836877230c3e6ecd6b
5
+ SHA512:
6
+ metadata.gz: 830350b87dc0d2f14f335eb556b4d41fc9d81c964d0d3700ac508c491875fcd0cbf0e11dc9ec5b17ce59177d45343b070da4fbd198535007cdfd21b8b3730d35
7
+ data.tar.gz: 0fae43ad38fcfc7abff573402614f7141a67cfa1f546aa9864c43b61d1fe08d2c99b0f2c6eba05b1441d65dc7cace1c381276fac4165162b78966ce7b0b863c4
@@ -0,0 +1,20 @@
1
+ Copyright 2018 Joshua Jansen
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,30 @@
1
+ # AuthActivity
2
+ Short description and motivation.
3
+
4
+ ## Usage
5
+ How to use my plugin.
6
+
7
+ ## Installation
8
+ Add this line to your application's Gemfile:
9
+
10
+ ```ruby
11
+ gem 'auth_activity'
12
+ ```
13
+
14
+ And then execute:
15
+ ```bash
16
+ $ bundle
17
+ $ rails auth_activity:install:migrations
18
+ $ rails db:migrate
19
+ ```
20
+
21
+ Or install it yourself as:
22
+ ```bash
23
+ $ gem install auth_activity
24
+ ```
25
+
26
+ ## Contributing
27
+ Contribution directions go here.
28
+
29
+ ## License
30
+ The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
@@ -0,0 +1,32 @@
1
+ begin
2
+ require 'bundler/setup'
3
+ rescue LoadError
4
+ puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
5
+ end
6
+
7
+ require 'rdoc/task'
8
+
9
+ RDoc::Task.new(:rdoc) do |rdoc|
10
+ rdoc.rdoc_dir = 'rdoc'
11
+ rdoc.title = 'AuthActivity'
12
+ rdoc.options << '--line-numbers'
13
+ rdoc.rdoc_files.include('README.md')
14
+ rdoc.rdoc_files.include('lib/**/*.rb')
15
+ end
16
+
17
+ APP_RAKEFILE = File.expand_path("test/dummy/Rakefile", __dir__)
18
+ load 'rails/tasks/engine.rake'
19
+
20
+ load 'rails/tasks/statistics.rake'
21
+
22
+ require 'bundler/gem_tasks'
23
+
24
+ require 'rake/testtask'
25
+
26
+ Rake::TestTask.new(:test) do |t|
27
+ t.libs << 'test'
28
+ t.pattern = 'test/**/*_test.rb'
29
+ t.verbose = false
30
+ end
31
+
32
+ task default: :test
@@ -0,0 +1,2 @@
1
+ //= link_directory ../javascripts/auth_activity .js
2
+ //= link_directory ../stylesheets/auth_activity .css
@@ -0,0 +1,15 @@
1
+ // This is a manifest file that'll be compiled into application.js, which will include all the files
2
+ // listed below.
3
+ //
4
+ // Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
5
+ // or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
6
+ //
7
+ // It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
8
+ // compiled file. JavaScript code in this file should be added after the last require_* statement.
9
+ //
10
+ // Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
11
+ // about supported directives.
12
+ //
13
+ //= require rails-ujs
14
+ //= require activestorage
15
+ //= require_tree .
@@ -0,0 +1,15 @@
1
+ /*
2
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
3
+ * listed below.
4
+ *
5
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
6
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
7
+ *
8
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
9
+ * compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
10
+ * files in this directory. Styles in this file should be added after the last require_* statement.
11
+ * It is generally better to create a new file per style scope.
12
+ *
13
+ *= require_tree .
14
+ *= require_self
15
+ */
@@ -0,0 +1,5 @@
1
+ module AuthActivity
2
+ class ApplicationController < ActionController::Base
3
+ protect_from_forgery with: :exception
4
+ end
5
+ end
@@ -0,0 +1,66 @@
1
+ module AuthActivity
2
+ module AuthLogger
3
+ extend ActiveSupport::Concern
4
+
5
+ included do
6
+ after_action :log_login_attempt
7
+ after_action :log_password_request
8
+ around_action :log_logout_action
9
+ end
10
+
11
+ private
12
+
13
+ def user
14
+ return current_user if signed_in?
15
+ return if email.blank?
16
+
17
+ ::User.find_by(email: email)
18
+ end
19
+
20
+ def email
21
+ params.dig(:session, :email) || params.dig(:password, :email) || current_user&.email
22
+ end
23
+
24
+ def login_attempt?
25
+ controller_name == "sessions" && action_name == "create"
26
+ end
27
+
28
+ def password_request_attempt?
29
+ controller_name == "passwords" && action_name == "create"
30
+ end
31
+
32
+ def logout_action?
33
+ controller_name == "sessions" && action_name == "destroy"
34
+ end
35
+
36
+ def log_login_attempt
37
+ return unless login_attempt?
38
+
39
+ if signed_in?
40
+ AuthEvent.succesful_login.create(user: user, metadata: { email: email })
41
+ else
42
+ AuthEvent.failed_login.create(user: user, metadata: { email: email })
43
+ end
44
+ end
45
+
46
+ def log_password_request
47
+ return unless password_request_attempt?
48
+
49
+ if user.present?
50
+ AuthEvent.succesful_password_request.create(user: user, metadata: { email: email })
51
+ else
52
+ AuthEvent.failed_password_request.create(metadata: { email: email })
53
+ end
54
+ end
55
+
56
+ def log_logout_action
57
+ if user.present? && logout_action?
58
+ user = current_user
59
+ yield
60
+ AuthEvent.logout.create(user: user, metadata: { email: user.email })
61
+ else
62
+ yield
63
+ end
64
+ end
65
+ end
66
+ end
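Review bot: In `log_logout_action` the guard `user.present? && logout_action?` can pass for a signed-out request, because `user` falls back to `::User.find_by(email: email)` with an email read from `params`. In that case `user = current_user` is nil and `user.email` raises after the action has already run, so no logout event is recorded and the request ends in an error. Guarding on the session instead, `if logout_action? && signed_in?`, removes the nil dereference and skips the `user` lookup on actions that are not a logout. The `create` calls in this concern also drop validation and database failures silently, whereas the model concern uses `create!`; for an audit trail, state in a comment which behaviour is intended.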
@@ -0,0 +1,5 @@
1
+ module AuthActivity
2
+ class ApplicationRecord < ActiveRecord::Base
3
+ self.abstract_class = true
4
+ end
5
+ end
@@ -0,0 +1,16 @@
1
+ module AuthActivity
2
+ class AuthEvent < ApplicationRecord
3
+ belongs_to :user, optional: true
4
+
5
+ enum action_type: {
6
+ failed_login: 0,
7
+ succesful_login: 1,
8
+ attributes_changed: 2,
9
+ failed_password_request: 3,
10
+ succesful_password_request: 4,
11
+ user_created: 5,
12
+ user_destroyed: 6,
13
+ logout: 7
14
+ }
15
+ end
16
+ end
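Review bot: The enum keys `succesful_login` and `succesful_password_request` are misspelled, and because `enum` generates scopes and predicates from them, the typo becomes part of the API that the AuthLogger concern already calls. The stored values are integers, so renaming the keys to `successful_login: 1` and `successful_password_request: 4` before more callers depend on them would not change stored data. A short comment such as `# Integer values are persisted; never renumber, only append` above the hash would also protect existing audit rows from a later reordering.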
@@ -0,0 +1,44 @@
1
+ module AuthActivity::User
2
+ AUTH_ATTRIBUTES = %w[email encrypted_password]
3
+ FILTER_ATTRIBUTES = %w[encrypted_password]
4
+ extend ActiveSupport::Concern
5
+
6
+ included do
7
+ after_update :log_changed
8
+ after_create :log_created
9
+ after_destroy :log_destroyed
10
+ end
11
+
12
+ private
13
+
14
+ def log_created
15
+ AuthActivity::AuthEvent.user_created.create!(user: self)
16
+ end
17
+
18
+ def log_changed
19
+ return unless changed_auth_attributes.any?
20
+ AuthActivity::AuthEvent.attributes_changed.create!(user: self, metadata: { attributes_changed: filtered_auth_changes } )
21
+ end
22
+
23
+ def log_destroyed
24
+ AuthActivity::AuthEvent.user_destroyed.create!(user: self)
25
+ end
26
+
27
+ def changed_auth_attributes
28
+ saved_changes.keys & AUTH_ATTRIBUTES
29
+ end
30
+
31
+ def filtered_auth_changes
32
+ auth_changes.update(auth_changes) do |k,v|
33
+ if k.in? FILTER_ATTRIBUTES
34
+ return { k => ["[filtered]", "[filtered]"] }
35
+ else
36
+ { k => v }
37
+ end
38
+ end
39
+ end
40
+
41
+ def auth_changes
42
+ saved_changes.select { |k,v| k.in?(changed_auth_attributes) }
43
+ end
44
+ end
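Review bot: `filtered_auth_changes` does not return the filtered change set it appears to intend. The `return` inside the `update` block exits the whole method as soon as `encrypted_password` is reached, so an email change made in the same save is missing from the audit record. For every other key the block's result `{ k => v }` becomes the value, giving a nested `{"email" => {"email" => [old, new]}}`. A plain mapping keeps every key and masks only the filtered ones: `auth_changes.map { |k, v| [k, FILTER_ATTRIBUTES.include?(k) ? ["[filtered]", "[filtered]"] : v] }.to_h`. Note also that `create!` in these callbacks will abort the user's save or destroy if the event cannot be written; if that fail-closed behaviour is intended, it deserves a comment.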
@@ -0,0 +1,16 @@
1
+ <!DOCTYPE html>
2
+ <html>
3
+ <head>
4
+ <title>Auth activity</title>
5
+ <%= csrf_meta_tags %>
6
+ <%= csp_meta_tag %>
7
+
8
+ <%= stylesheet_link_tag "auth_activity/application", media: "all" %>
9
+ <%= javascript_include_tag "auth_activity/application" %>
10
+ </head>
11
+ <body>
12
+
13
+ <%= yield %>
14
+
15
+ </body>
16
+ </html>
@@ -0,0 +1,2 @@
1
+ AuthActivity::Engine.routes.draw do
2
+ end
@@ -0,0 +1,11 @@
1
+ class CreateAuthActivityAuthEvents < ActiveRecord::Migration[5.2]
2
+ def change
3
+ create_table :auth_activity_auth_events do |t|
4
+ t.integer :user_id
5
+ t.integer :action_type
6
+ t.json :metadata, default: {}
7
+
8
+ t.timestamps
9
+ end
10
+ end
11
+ end
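Review bot: `t.integer :user_id` creates a 4-byte column with no index, while Rails 5.2 generates bigint primary keys by default, so it may not match the host application's `users.id` (that table is not visible here). Per-user lookups in the audit table will also scan it. Consider `t.bigint :user_id, index: true` and `t.integer :action_type, null: false`, so an event can never be stored without a type. `t.json` is adapter-specific, so a comment naming the supported databases would help anyone installing the migration.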
@@ -0,0 +1,4 @@
1
+ require "auth_activity/engine"
2
+
3
+ module AuthActivity
4
+ end
@@ -0,0 +1,5 @@
1
+ module AuthActivity
2
+ class Engine < ::Rails::Engine
3
+ isolate_namespace AuthActivity
4
+ end
5
+ end
@@ -0,0 +1,3 @@
1
+ module AuthActivity
2
+ VERSION = '0.1.1'
3
+ end
@@ -0,0 +1,4 @@
1
+ # desc "Explaining what the task does"
2
+ # task :auth_activity do
3
+ # # Task goes here
4
+ # end
metadata ADDED
@@ -0,0 +1,106 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: auth_activity
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.1
5
+ platform: ruby
6
+ authors:
7
+ - Michiel Sikkes
8
+ - Joshua Jansen
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2018-09-14 00:00:00.000000000 Z
13
+ dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: rails
16
+ requirement: !ruby/object:Gem::Requirement
17
+ requirements:
18
+ - - "~>"
19
+ - !ruby/object:Gem::Version
20
+ version: '5.2'
21
+ type: :runtime
22
+ prerelease: false
23
+ version_requirements: !ruby/object:Gem::Requirement
24
+ requirements:
25
+ - - "~>"
26
+ - !ruby/object:Gem::Version
27
+ version: '5.2'
28
+ - !ruby/object:Gem::Dependency
29
+ name: pg
30
+ requirement: !ruby/object:Gem::Requirement
31
+ requirements:
32
+ - - "~>"
33
+ - !ruby/object:Gem::Version
34
+ version: '1.1'
35
+ type: :development
36
+ prerelease: false
37
+ version_requirements: !ruby/object:Gem::Requirement
38
+ requirements:
39
+ - - "~>"
40
+ - !ruby/object:Gem::Version
41
+ version: '1.1'
42
+ - !ruby/object:Gem::Dependency
43
+ name: simplecov
44
+ requirement: !ruby/object:Gem::Requirement
45
+ requirements:
46
+ - - "~>"
47
+ - !ruby/object:Gem::Version
48
+ version: '0.16'
49
+ type: :development
50
+ prerelease: false
51
+ version_requirements: !ruby/object:Gem::Requirement
52
+ requirements:
53
+ - - "~>"
54
+ - !ruby/object:Gem::Version
55
+ version: '0.16'
56
+ description: Automatic authorisation auditing for your Rails app
57
+ email:
58
+ - michiel.sikkes@gmail.com
59
+ - joshuajansen88@gmail.com
60
+ executables: []
61
+ extensions: []
62
+ extra_rdoc_files: []
63
+ files:
64
+ - MIT-LICENSE
65
+ - README.md
66
+ - Rakefile
67
+ - app/assets/config/auth_activity_manifest.js
68
+ - app/assets/javascripts/auth_activity/application.js
69
+ - app/assets/stylesheets/auth_activity/application.css
70
+ - app/controllers/auth_activity/application_controller.rb
71
+ - app/controllers/concerns/auth_activity/auth_logger.rb
72
+ - app/models/auth_activity/application_record.rb
73
+ - app/models/auth_activity/auth_event.rb
74
+ - app/models/concerns/auth_activity/user.rb
75
+ - app/views/layouts/auth_activity/application.html.erb
76
+ - config/routes.rb
77
+ - db/migrate/20180914084603_create_auth_activity_auth_events.rb
78
+ - lib/auth_activity.rb
79
+ - lib/auth_activity/engine.rb
80
+ - lib/auth_activity/version.rb
81
+ - lib/tasks/auth_activity_tasks.rake
82
+ homepage: https://firmhouse.com
83
+ licenses:
84
+ - MIT
85
+ metadata: {}
86
+ post_install_message:
87
+ rdoc_options: []
88
+ require_paths:
89
+ - lib
90
+ required_ruby_version: !ruby/object:Gem::Requirement
91
+ requirements:
92
+ - - ">="
93
+ - !ruby/object:Gem::Version
94
+ version: '0'
95
+ required_rubygems_version: !ruby/object:Gem::Requirement
96
+ requirements:
97
+ - - ">="
98
+ - !ruby/object:Gem::Version
99
+ version: '0'
100
+ requirements: []
101
+ rubyforge_project:
102
+ rubygems_version: 2.7.6
103
+ signing_key:
104
+ specification_version: 4
105
+ summary: Authorisation auditing
106
+ test_files: []