authtrail 0.4.1 → 0.4.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -1
- data/README.md +24 -3
- data/lib/auth_trail/engine.rb +1 -0
- data/lib/auth_trail/version.rb +1 -1
- data/lib/generators/authtrail/install_generator.rb +29 -6
- data/lib/generators/authtrail/templates/model_activerecord.rb.tt +14 -0
- data/lib/generators/authtrail/templates/{model.rb.tt → model_none.rb.tt} +0 -0
- metadata +5 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ff58207c013a0181500aea1886029896cae2af4fe0cf8dbf65bd1545e0637f4a
|
4
|
+
data.tar.gz: f2b530b002daaa2ca52f2dbf471199e9fcfc13c04c9c821df139b9e6e909eecc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 94ec2b6986bef058156630c1dccf900c366f1b9c2aaf84703c5372370dbf305af698c554c9e1b5f0ca64d144cd934c065499ac745c711a98d8dfe33c3138ed5b
|
7
|
+
data.tar.gz: ae73465fd479199a31cabed9a87a6afdf6acca838de32c8b329f2da061709229046812584dfce1a9a8fdb4650834a5b2a4f2928ac7ea0d6e0cbf50da98e2c4c2
|
data/CHANGELOG.md
CHANGED
@@ -1,10 +1,15 @@
|
|
1
|
+
## 0.4.2 (2021-12-13)
|
2
|
+
|
3
|
+
- Added experimental support for Active Record encryption
|
4
|
+
- Fixed error with Rails 7 rc1
|
5
|
+
|
1
6
|
## 0.4.1 (2021-08-14)
|
2
7
|
|
3
8
|
- Improved error message when `geocoder` gem not installed
|
4
9
|
|
5
10
|
## 0.4.0 (2021-08-13)
|
6
11
|
|
7
|
-
- Disabled geocoding by default
|
12
|
+
- Disabled geocoding by default (this was already the case for new installations with 0.3.0+)
|
8
13
|
- Made the `geocoder` gem an optional dependency
|
9
14
|
- Added `country_code` to geocoding
|
10
15
|
|
data/README.md
CHANGED
@@ -16,17 +16,24 @@ Add this line to your application’s Gemfile:
|
|
16
16
|
gem 'authtrail'
|
17
17
|
```
|
18
18
|
|
19
|
-
To encrypt email and IP addresses, install [Lockbox](https://github.com/ankane/lockbox) and [Blind Index](https://github.com/ankane/blind_index) and run:
|
19
|
+
To encrypt email and IP addresses with Lockbox, install [Lockbox](https://github.com/ankane/lockbox) and [Blind Index](https://github.com/ankane/blind_index) and run:
|
20
20
|
|
21
21
|
```sh
|
22
|
-
rails generate authtrail:install --lockbox
|
22
|
+
rails generate authtrail:install --encryption=lockbox
|
23
|
+
rails db:migrate
|
24
|
+
```
|
25
|
+
|
26
|
+
To use Active Record encryption (Rails 7+, experimental, unreleased), run:
|
27
|
+
|
28
|
+
```sh
|
29
|
+
rails generate authtrail:install --encryption=activerecord
|
23
30
|
rails db:migrate
|
24
31
|
```
|
25
32
|
|
26
33
|
If you prefer not to encrypt data, run:
|
27
34
|
|
28
35
|
```sh
|
29
|
-
rails generate authtrail:install
|
36
|
+
rails generate authtrail:install --encryption=none
|
30
37
|
rails db:migrate
|
31
38
|
```
|
32
39
|
|
@@ -183,6 +190,20 @@ end
|
|
183
190
|
|
184
191
|
Check out [this example](https://github.com/ankane/authtrail/issues/40)
|
185
192
|
|
193
|
+
## Data Retention
|
194
|
+
|
195
|
+
Delete older data with:
|
196
|
+
|
197
|
+
```ruby
|
198
|
+
LoginActivity.where("created_at < ?", 2.years.ago).in_batches.delete_all
|
199
|
+
```
|
200
|
+
|
201
|
+
Delete data for a specific user with:
|
202
|
+
|
203
|
+
```ruby
|
204
|
+
LoginActivity.where(user_id: 1, user_type: "User").in_batches.delete_all
|
205
|
+
```
|
206
|
+
|
186
207
|
## Other Notes
|
187
208
|
|
188
209
|
We recommend using this in addition to Devise’s `Lockable` module and [Rack::Attack](https://github.com/kickstarter/rack-attack).
|
data/lib/auth_trail/engine.rb
CHANGED
data/lib/auth_trail/version.rb
CHANGED
@@ -6,9 +6,12 @@ module Authtrail
|
|
6
6
|
include ActiveRecord::Generators::Migration
|
7
7
|
source_root File.join(__dir__, "templates")
|
8
8
|
|
9
|
+
class_option :encryption, type: :string
|
10
|
+
# deprecated
|
9
11
|
class_option :lockbox, type: :boolean
|
10
12
|
|
11
13
|
def copy_migration
|
14
|
+
encryption # ensure valid
|
12
15
|
migration_template "login_activities_migration.rb", "db/migrate/create_login_activities.rb", migration_version: migration_version
|
13
16
|
end
|
14
17
|
|
@@ -17,10 +20,13 @@ module Authtrail
|
|
17
20
|
end
|
18
21
|
|
19
22
|
def generate_model
|
20
|
-
|
23
|
+
case encryption
|
24
|
+
when "lockbox"
|
21
25
|
template "model_lockbox.rb", "app/models/login_activity.rb"
|
26
|
+
when "activerecord"
|
27
|
+
template "model_activerecord.rb", "app/models/login_activity.rb"
|
22
28
|
else
|
23
|
-
template "
|
29
|
+
template "model_none.rb", "app/models/login_activity.rb"
|
24
30
|
end
|
25
31
|
end
|
26
32
|
|
@@ -29,23 +35,40 @@ module Authtrail
|
|
29
35
|
end
|
30
36
|
|
31
37
|
def identity_column
|
32
|
-
|
38
|
+
case encryption
|
39
|
+
when "lockbox"
|
33
40
|
"t.text :identity_ciphertext\n t.string :identity_bidx, index: true"
|
34
41
|
else
|
42
|
+
# TODO add limit: 510 for Active Record encryption + MySQL?
|
35
43
|
"t.string :identity, index: true"
|
36
44
|
end
|
37
45
|
end
|
38
46
|
|
39
47
|
def ip_column
|
40
|
-
|
48
|
+
case encryption
|
49
|
+
when "lockbox"
|
41
50
|
"t.text :ip_ciphertext\n t.string :ip_bidx, index: true"
|
42
51
|
else
|
52
|
+
# TODO add limit: 510 for Active Record encryption + MySQL?
|
43
53
|
"t.string :ip, index: true"
|
44
54
|
end
|
45
55
|
end
|
46
56
|
|
47
|
-
|
48
|
-
|
57
|
+
# TODO remove default
|
58
|
+
def encryption
|
59
|
+
case options[:encryption]
|
60
|
+
when "lockbox", "activerecord", "none"
|
61
|
+
options[:encryption]
|
62
|
+
when nil
|
63
|
+
if options[:lockbox]
|
64
|
+
# TODO deprecation warning
|
65
|
+
"lockbox"
|
66
|
+
else
|
67
|
+
"none"
|
68
|
+
end
|
69
|
+
else
|
70
|
+
abort "Error: encryption must be lockbox, activerecord, or none"
|
71
|
+
end
|
49
72
|
end
|
50
73
|
end
|
51
74
|
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
class LoginActivity < ApplicationRecord
|
2
|
+
belongs_to :user, polymorphic: true, optional: true
|
3
|
+
|
4
|
+
encrypts :identity, deterministic: true
|
5
|
+
encrypts :ip, deterministic: true
|
6
|
+
|
7
|
+
before_save :reduce_precision
|
8
|
+
|
9
|
+
# reduce precision to city level to protect IP
|
10
|
+
def reduce_precision
|
11
|
+
self.latitude = latitude&.round(1) if try(:latitude_changed?)
|
12
|
+
self.longitude = longitude&.round(1) if try(:longitude_changed?)
|
13
|
+
end
|
14
|
+
end
|
File without changes
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authtrail
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Kane
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-12-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: railties
|
@@ -69,8 +69,9 @@ files:
|
|
69
69
|
- lib/generators/authtrail/install_generator.rb
|
70
70
|
- lib/generators/authtrail/templates/initializer.rb.tt
|
71
71
|
- lib/generators/authtrail/templates/login_activities_migration.rb.tt
|
72
|
-
- lib/generators/authtrail/templates/
|
72
|
+
- lib/generators/authtrail/templates/model_activerecord.rb.tt
|
73
73
|
- lib/generators/authtrail/templates/model_lockbox.rb.tt
|
74
|
+
- lib/generators/authtrail/templates/model_none.rb.tt
|
74
75
|
homepage: https://github.com/ankane/authtrail
|
75
76
|
licenses:
|
76
77
|
- MIT
|
@@ -90,7 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
90
91
|
- !ruby/object:Gem::Version
|
91
92
|
version: '0'
|
92
93
|
requirements: []
|
93
|
-
rubygems_version: 3.2.
|
94
|
+
rubygems_version: 3.2.32
|
94
95
|
signing_key:
|
95
96
|
specification_version: 4
|
96
97
|
summary: Track Devise login activity
|