authtrail 0.4.1 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 22c5cb73374854a16a8581aad0618cf66033a7346784b16213ed58bb74d56b6b
4
- data.tar.gz: 6666d786ba53acf7169c39e02eefcfdc7ae4211f26482bb47f142ca31d22885c
3
+ metadata.gz: ff58207c013a0181500aea1886029896cae2af4fe0cf8dbf65bd1545e0637f4a
4
+ data.tar.gz: f2b530b002daaa2ca52f2dbf471199e9fcfc13c04c9c821df139b9e6e909eecc
5
5
  SHA512:
6
- metadata.gz: 6c429f790573ad4814b6c92eeff96cfc03b9b283046c5e1c23c425346674071792607c2f1c2f762ab588acaeb70badab8dafccaea38cc92c0c6944f63b7079fa
7
- data.tar.gz: 9bfd5a70268d39c89f9792b3f3b6435935b55c11f201d690991053067e456b214463f912adce3dc879cb39f515322139a9cb690d7ca89ee98debb1640150d32d
6
+ metadata.gz: 94ec2b6986bef058156630c1dccf900c366f1b9c2aaf84703c5372370dbf305af698c554c9e1b5f0ca64d144cd934c065499ac745c711a98d8dfe33c3138ed5b
7
+ data.tar.gz: ae73465fd479199a31cabed9a87a6afdf6acca838de32c8b329f2da061709229046812584dfce1a9a8fdb4650834a5b2a4f2928ac7ea0d6e0cbf50da98e2c4c2
data/CHANGELOG.md CHANGED
@@ -1,10 +1,15 @@
1
+ ## 0.4.2 (2021-12-13)
2
+
3
+ - Added experimental support for Active Record encryption
4
+ - Fixed error with Rails 7 rc1
5
+
1
6
  ## 0.4.1 (2021-08-14)
2
7
 
3
8
  - Improved error message when `geocoder` gem not installed
4
9
 
5
10
  ## 0.4.0 (2021-08-13)
6
11
 
7
- - Disabled geocoding by default
12
+ - Disabled geocoding by default (this was already the case for new installations with 0.3.0+)
8
13
  - Made the `geocoder` gem an optional dependency
9
14
  - Added `country_code` to geocoding
10
15
 
data/README.md CHANGED
@@ -16,17 +16,24 @@ Add this line to your application’s Gemfile:
16
16
  gem 'authtrail'
17
17
  ```
18
18
 
19
- To encrypt email and IP addresses, install [Lockbox](https://github.com/ankane/lockbox) and [Blind Index](https://github.com/ankane/blind_index) and run:
19
+ To encrypt email and IP addresses with Lockbox, install [Lockbox](https://github.com/ankane/lockbox) and [Blind Index](https://github.com/ankane/blind_index) and run:
20
20
 
21
21
  ```sh
22
- rails generate authtrail:install --lockbox
22
+ rails generate authtrail:install --encryption=lockbox
23
+ rails db:migrate
24
+ ```
25
+
26
+ To use Active Record encryption (Rails 7+, experimental, unreleased), run:
27
+
28
+ ```sh
29
+ rails generate authtrail:install --encryption=activerecord
23
30
  rails db:migrate
24
31
  ```
25
32
 
26
33
  If you prefer not to encrypt data, run:
27
34
 
28
35
  ```sh
29
- rails generate authtrail:install
36
+ rails generate authtrail:install --encryption=none
30
37
  rails db:migrate
31
38
  ```
32
39
 
@@ -183,6 +190,20 @@ end
183
190
 
184
191
  Check out [this example](https://github.com/ankane/authtrail/issues/40)
185
192
 
193
+ ## Data Retention
194
+
195
+ Delete older data with:
196
+
197
+ ```ruby
198
+ LoginActivity.where("created_at < ?", 2.years.ago).in_batches.delete_all
199
+ ```
200
+
201
+ Delete data for a specific user with:
202
+
203
+ ```ruby
204
+ LoginActivity.where(user_id: 1, user_type: "User").in_batches.delete_all
205
+ ```
206
+
186
207
  ## Other Notes
187
208
 
188
209
  We recommend using this in addition to Devise’s `Lockable` module and [Rack::Attack](https://github.com/kickstarter/rack-attack).
@@ -1,3 +1,4 @@
1
+ require "active_support"
1
2
  require "rails/engine"
2
3
 
3
4
  module AuthTrail
@@ -1,3 +1,3 @@
1
1
  module AuthTrail
2
- VERSION = "0.4.1"
2
+ VERSION = "0.4.2"
3
3
  end
@@ -6,9 +6,12 @@ module Authtrail
6
6
  include ActiveRecord::Generators::Migration
7
7
  source_root File.join(__dir__, "templates")
8
8
 
9
+ class_option :encryption, type: :string
10
+ # deprecated
9
11
  class_option :lockbox, type: :boolean
10
12
 
11
13
  def copy_migration
14
+ encryption # ensure valid
12
15
  migration_template "login_activities_migration.rb", "db/migrate/create_login_activities.rb", migration_version: migration_version
13
16
  end
14
17
 
@@ -17,10 +20,13 @@ module Authtrail
17
20
  end
18
21
 
19
22
  def generate_model
20
- if lockbox?
23
+ case encryption
24
+ when "lockbox"
21
25
  template "model_lockbox.rb", "app/models/login_activity.rb"
26
+ when "activerecord"
27
+ template "model_activerecord.rb", "app/models/login_activity.rb"
22
28
  else
23
- template "model.rb", "app/models/login_activity.rb"
29
+ template "model_none.rb", "app/models/login_activity.rb"
24
30
  end
25
31
  end
26
32
 
@@ -29,23 +35,40 @@ module Authtrail
29
35
  end
30
36
 
31
37
  def identity_column
32
- if lockbox?
38
+ case encryption
39
+ when "lockbox"
33
40
  "t.text :identity_ciphertext\n t.string :identity_bidx, index: true"
34
41
  else
42
+ # TODO add limit: 510 for Active Record encryption + MySQL?
35
43
  "t.string :identity, index: true"
36
44
  end
37
45
  end
38
46
 
39
47
  def ip_column
40
- if lockbox?
48
+ case encryption
49
+ when "lockbox"
41
50
  "t.text :ip_ciphertext\n t.string :ip_bidx, index: true"
42
51
  else
52
+ # TODO add limit: 510 for Active Record encryption + MySQL?
43
53
  "t.string :ip, index: true"
44
54
  end
45
55
  end
46
56
 
47
- def lockbox?
48
- options[:lockbox]
57
+ # TODO remove default
58
+ def encryption
59
+ case options[:encryption]
60
+ when "lockbox", "activerecord", "none"
61
+ options[:encryption]
62
+ when nil
63
+ if options[:lockbox]
64
+ # TODO deprecation warning
65
+ "lockbox"
66
+ else
67
+ "none"
68
+ end
69
+ else
70
+ abort "Error: encryption must be lockbox, activerecord, or none"
71
+ end
49
72
  end
50
73
  end
51
74
  end
@@ -0,0 +1,14 @@
1
+ class LoginActivity < ApplicationRecord
2
+ belongs_to :user, polymorphic: true, optional: true
3
+
4
+ encrypts :identity, deterministic: true
5
+ encrypts :ip, deterministic: true
6
+
7
+ before_save :reduce_precision
8
+
9
+ # reduce precision to city level to protect IP
10
+ def reduce_precision
11
+ self.latitude = latitude&.round(1) if try(:latitude_changed?)
12
+ self.longitude = longitude&.round(1) if try(:longitude_changed?)
13
+ end
14
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authtrail
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.1
4
+ version: 0.4.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Kane
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-08-14 00:00:00.000000000 Z
11
+ date: 2021-12-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: railties
@@ -69,8 +69,9 @@ files:
69
69
  - lib/generators/authtrail/install_generator.rb
70
70
  - lib/generators/authtrail/templates/initializer.rb.tt
71
71
  - lib/generators/authtrail/templates/login_activities_migration.rb.tt
72
- - lib/generators/authtrail/templates/model.rb.tt
72
+ - lib/generators/authtrail/templates/model_activerecord.rb.tt
73
73
  - lib/generators/authtrail/templates/model_lockbox.rb.tt
74
+ - lib/generators/authtrail/templates/model_none.rb.tt
74
75
  homepage: https://github.com/ankane/authtrail
75
76
  licenses:
76
77
  - MIT
@@ -90,7 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
90
91
  - !ruby/object:Gem::Version
91
92
  version: '0'
92
93
  requirements: []
93
- rubygems_version: 3.2.22
94
+ rubygems_version: 3.2.32
94
95
  signing_key:
95
96
  specification_version: 4
96
97
  summary: Track Devise login activity