authtrail 0.1.3 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/LICENSE.txt +1 -1
- data/README.md +20 -10
- data/app/jobs/auth_trail/geocode_job.rb +12 -6
- data/lib/auth_trail/version.rb +1 -1
- data/lib/generators/authtrail/install_generator.rb +4 -34
- data/lib/generators/authtrail/templates/login_activities_migration.rb.tt +2 -0
- data/lib/generators/authtrail/templates/login_activity_model.rb.tt +2 -2
- metadata +8 -9
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9ad9a6df032f6b55c8bea0b3ee70bb9248d349abe1277e4debcf658af1f4b3f0
|
|
4
|
+
data.tar.gz: a0d8162b461e5ed2caf2c3d2d6ab5aee10d51c31a64f475de306f5dc94c1a522
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 60b80bfe92e7c351bbc80f7019dfe074e1dc5071a0af31940afdcf330d4b0481b8b020fbe1c3e32b50999781018a89c336a19130713e48045cf90e9d4451aad3
|
|
7
|
+
data.tar.gz: 5507b63ddd85c0dc97a4d6cbd6b7d1fd972df6980f0d232d925a7312d02c2e65b93a6448d9dc38bf8baf61354665eda951540e031c18979fc376ee0acf19a54a
|
data/CHANGELOG.md
CHANGED
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
|
@@ -32,7 +32,7 @@ A `LoginActivity` record is created every time a user tries to login. You can th
|
|
|
32
32
|
- `context` - controller and action
|
|
33
33
|
- `ip` - IP address
|
|
34
34
|
- `user_agent` and `referrer` - from browser
|
|
35
|
-
- `city`, `region`, and `
|
|
35
|
+
- `city`, `region`, `country`, `latitude`, and `longitude` - from IP
|
|
36
36
|
- `created_at` - time of event
|
|
37
37
|
|
|
38
38
|
## Features
|
|
@@ -53,7 +53,7 @@ AuthTrail.track_method = lambda do |info|
|
|
|
53
53
|
end
|
|
54
54
|
```
|
|
55
55
|
|
|
56
|
-
Use a custom identity method
|
|
56
|
+
Use a custom identity method
|
|
57
57
|
|
|
58
58
|
```ruby
|
|
59
59
|
AuthTrail.identity_method = lambda do |request, opts, user|
|
|
@@ -73,7 +73,7 @@ class User < ApplicationRecord
|
|
|
73
73
|
end
|
|
74
74
|
```
|
|
75
75
|
|
|
76
|
-
The `LoginActivity` model uses a [polymorphic association](
|
|
76
|
+
The `LoginActivity` model uses a [polymorphic association](https://guides.rubyonrails.org/association_basics.html#polymorphic-associations) so it can be associated with different user models.
|
|
77
77
|
|
|
78
78
|
## Geocoding
|
|
79
79
|
|
|
@@ -112,24 +112,34 @@ Geocoder.configure(
|
|
|
112
112
|
|
|
113
113
|
## Data Protection
|
|
114
114
|
|
|
115
|
-
Protect the privacy of your users by encrypting fields that contain personal information, such as `identity` and `ip`. [attr_encrypted](https://github.com/attr-encrypted/attr_encrypted) is great for this.
|
|
115
|
+
Protect the privacy of your users by encrypting fields that contain personal information, such as `identity` and `ip`. [attr_encrypted](https://github.com/attr-encrypted/attr_encrypted) is great for this. Use [blind_index](https://github.com/ankane/blind_index) so you can still query the fields.
|
|
116
116
|
|
|
117
117
|
```ruby
|
|
118
118
|
class LoginActivity < ApplicationRecord
|
|
119
|
-
attr_encrypted :identity, ...
|
|
120
|
-
attr_encrypted :ip, ...
|
|
119
|
+
attr_encrypted :identity, key: ...
|
|
120
|
+
attr_encrypted :ip, key: ...
|
|
121
|
+
|
|
122
|
+
blind_index :identity, key: ...
|
|
123
|
+
blind_index :ip, key: ...
|
|
121
124
|
end
|
|
122
125
|
```
|
|
123
126
|
|
|
124
|
-
You should also make it clear that you collect this information in your privacy policy.
|
|
125
|
-
|
|
126
127
|
## Other Notes
|
|
127
128
|
|
|
128
129
|
We recommend using this in addition to Devise’s `Lockable` module and [Rack::Attack](https://github.com/kickstarter/rack-attack).
|
|
129
130
|
|
|
130
|
-
Check out [Hardening Devise](https://
|
|
131
|
+
Check out [Hardening Devise](https://ankane.org/hardening-devise) and [Secure Rails](https://github.com/ankane/secure_rails) for more best practices.
|
|
132
|
+
|
|
133
|
+
## Upgrading
|
|
134
|
+
|
|
135
|
+
### 0.2.0
|
|
131
136
|
|
|
132
|
-
|
|
137
|
+
To store latitude and longitude, create a migration with:
|
|
138
|
+
|
|
139
|
+
```ruby
|
|
140
|
+
add_column :login_activities, :latitude, :float
|
|
141
|
+
add_column :login_activities, :longitude, :float
|
|
142
|
+
```
|
|
133
143
|
|
|
134
144
|
## History
|
|
135
145
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
module AuthTrail
|
|
2
|
-
class GeocodeJob <
|
|
2
|
+
class GeocodeJob < ActiveJob::Base
|
|
3
3
|
def perform(login_activity)
|
|
4
4
|
result =
|
|
5
5
|
begin
|
|
@@ -10,11 +10,17 @@ module AuthTrail
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
if result
|
|
13
|
-
|
|
14
|
-
city: result.try(:city)
|
|
15
|
-
region: result.try(:state)
|
|
16
|
-
country: result.try(:country)
|
|
17
|
-
|
|
13
|
+
attributes = {
|
|
14
|
+
city: result.try(:city),
|
|
15
|
+
region: result.try(:state),
|
|
16
|
+
country: result.try(:country),
|
|
17
|
+
latitude: result.try(:latitude),
|
|
18
|
+
longitude: result.try(:longitude)
|
|
19
|
+
}
|
|
20
|
+
attributes.each do |k, v|
|
|
21
|
+
login_activity.try("#{k}=", v.presence)
|
|
22
|
+
end
|
|
23
|
+
login_activity.save!
|
|
18
24
|
end
|
|
19
25
|
end
|
|
20
26
|
end
|
data/lib/auth_trail/version.rb
CHANGED
|
@@ -1,51 +1,21 @@
|
|
|
1
|
-
# taken from https://github.com/collectiveidea/audited/blob/master/lib/generators/audited/install_generator.rb
|
|
2
|
-
require "rails/generators"
|
|
3
|
-
require "rails/generators/migration"
|
|
4
|
-
require "active_record"
|
|
5
1
|
require "rails/generators/active_record"
|
|
6
2
|
|
|
7
3
|
module Authtrail
|
|
8
4
|
module Generators
|
|
9
5
|
class InstallGenerator < Rails::Generators::Base
|
|
10
|
-
include
|
|
11
|
-
source_root File.
|
|
12
|
-
|
|
13
|
-
# Implement the required interface for Rails::Generators::Migration.
|
|
14
|
-
def self.next_migration_number(dirname) #:nodoc:
|
|
15
|
-
next_migration_number = current_migration_number(dirname) + 1
|
|
16
|
-
if ::ActiveRecord::Base.timestamped_migrations
|
|
17
|
-
[Time.now.utc.strftime("%Y%m%d%H%M%S"), "%.14d" % next_migration_number].max
|
|
18
|
-
else
|
|
19
|
-
"%.3d" % next_migration_number
|
|
20
|
-
end
|
|
21
|
-
end
|
|
6
|
+
include ActiveRecord::Generators::Migration
|
|
7
|
+
source_root File.join(__dir__, "templates")
|
|
22
8
|
|
|
23
9
|
def copy_migration
|
|
24
10
|
migration_template "login_activities_migration.rb", "db/migrate/create_login_activities.rb", migration_version: migration_version
|
|
25
11
|
end
|
|
26
12
|
|
|
27
13
|
def generate_model
|
|
28
|
-
template "login_activity_model.rb", "app/models/login_activity.rb"
|
|
14
|
+
template "login_activity_model.rb", "app/models/login_activity.rb"
|
|
29
15
|
end
|
|
30
16
|
|
|
31
17
|
def migration_version
|
|
32
|
-
|
|
33
|
-
"[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
|
|
34
|
-
end
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
def rails5?
|
|
38
|
-
Rails::VERSION::MAJOR >= 5
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
def model_base_class
|
|
42
|
-
rails5? ? "ApplicationRecord" : "ActiveRecord::Base"
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
def ar_optional_flag
|
|
46
|
-
if rails5?
|
|
47
|
-
", optional: true"
|
|
48
|
-
end
|
|
18
|
+
"[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
|
|
49
19
|
end
|
|
50
20
|
end
|
|
51
21
|
end
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
class LoginActivity <
|
|
2
|
-
belongs_to :user, polymorphic: true
|
|
1
|
+
class LoginActivity < ApplicationRecord
|
|
2
|
+
belongs_to :user, polymorphic: true, optional: true
|
|
3
3
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authtrail
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Kane
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-06-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: railties
|
|
@@ -16,28 +16,28 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '
|
|
19
|
+
version: '5'
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - ">="
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '
|
|
26
|
+
version: '5'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: activerecord
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
31
|
- - ">="
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '
|
|
33
|
+
version: '5'
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '
|
|
40
|
+
version: '5'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: warden
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -137,15 +137,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
137
137
|
requirements:
|
|
138
138
|
- - ">="
|
|
139
139
|
- !ruby/object:Gem::Version
|
|
140
|
-
version: '2.
|
|
140
|
+
version: '2.4'
|
|
141
141
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
142
142
|
requirements:
|
|
143
143
|
- - ">="
|
|
144
144
|
- !ruby/object:Gem::Version
|
|
145
145
|
version: '0'
|
|
146
146
|
requirements: []
|
|
147
|
-
|
|
148
|
-
rubygems_version: 2.7.7
|
|
147
|
+
rubygems_version: 3.0.3
|
|
149
148
|
signing_key:
|
|
150
149
|
specification_version: 4
|
|
151
150
|
summary: Track Devise login activity
|