authtrail 0.4.1 → 0.4.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -1
- data/README.md +28 -7
- data/lib/auth_trail/engine.rb +1 -0
- data/lib/auth_trail/version.rb +1 -1
- data/lib/generators/authtrail/install_generator.rb +38 -7
- data/lib/generators/authtrail/templates/model_activerecord.rb.tt +14 -0
- data/lib/generators/authtrail/templates/model_lockbox.rb.tt +1 -1
- metadata +5 -4
- /data/lib/generators/authtrail/templates/{model.rb.tt → model_none.rb.tt} +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 00a8cfabe2cfddb7349c055c13db2b56080409058ba48813310c6218a6b34fba
|
|
4
|
+
data.tar.gz: 59190df662382f672ad17c753d1eee6c0f8afacb68f7e082ed8766f188487d66
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c9137421c5e8f4c91be7dae62ccc9f12a831da6ae6fb390cfca766274045135c130f3cd9b0b5178d041be1348c527f39cc1aa0c986c798634e68300ee1c5a0a7
|
|
7
|
+
data.tar.gz: fa139b3a9df804feb52fa3823a67fb88781cefeda509d5719caf3f98c793e1aaaaecec553e8d1b1f08c03da8c4886b8e42400158e04aef12c34d404045b7b799
|
data/CHANGELOG.md
CHANGED
|
@@ -1,10 +1,19 @@
|
|
|
1
|
+
## 0.4.3 (2022-06-12)
|
|
2
|
+
|
|
3
|
+
- Updated install generator for Lockbox 1.0
|
|
4
|
+
|
|
5
|
+
## 0.4.2 (2021-12-13)
|
|
6
|
+
|
|
7
|
+
- Added experimental support for Active Record encryption
|
|
8
|
+
- Fixed error with Rails 7 rc1
|
|
9
|
+
|
|
1
10
|
## 0.4.1 (2021-08-14)
|
|
2
11
|
|
|
3
12
|
- Improved error message when `geocoder` gem not installed
|
|
4
13
|
|
|
5
14
|
## 0.4.0 (2021-08-13)
|
|
6
15
|
|
|
7
|
-
- Disabled geocoding by default
|
|
16
|
+
- Disabled geocoding by default (this was already the case for new installations with 0.3.0+)
|
|
8
17
|
- Made the `geocoder` gem an optional dependency
|
|
9
18
|
- Added `country_code` to geocoding
|
|
10
19
|
|
data/README.md
CHANGED
|
@@ -13,20 +13,27 @@ Track Devise login activity
|
|
|
13
13
|
Add this line to your application’s Gemfile:
|
|
14
14
|
|
|
15
15
|
```ruby
|
|
16
|
-
gem
|
|
16
|
+
gem "authtrail"
|
|
17
17
|
```
|
|
18
18
|
|
|
19
|
-
To encrypt email and IP addresses, install [Lockbox](https://github.com/ankane/lockbox) and [Blind Index](https://github.com/ankane/blind_index) and run:
|
|
19
|
+
To encrypt email and IP addresses with Lockbox, install [Lockbox](https://github.com/ankane/lockbox) and [Blind Index](https://github.com/ankane/blind_index) and run:
|
|
20
20
|
|
|
21
21
|
```sh
|
|
22
|
-
rails generate authtrail:install --lockbox
|
|
22
|
+
rails generate authtrail:install --encryption=lockbox
|
|
23
|
+
rails db:migrate
|
|
24
|
+
```
|
|
25
|
+
|
|
26
|
+
To use Active Record encryption (Rails 7+, experimental), run:
|
|
27
|
+
|
|
28
|
+
```sh
|
|
29
|
+
rails generate authtrail:install --encryption=activerecord
|
|
23
30
|
rails db:migrate
|
|
24
31
|
```
|
|
25
32
|
|
|
26
33
|
If you prefer not to encrypt data, run:
|
|
27
34
|
|
|
28
35
|
```sh
|
|
29
|
-
rails generate authtrail:install
|
|
36
|
+
rails generate authtrail:install --encryption=none
|
|
30
37
|
rails db:migrate
|
|
31
38
|
```
|
|
32
39
|
|
|
@@ -111,7 +118,7 @@ AuthTrail uses [Geocoder](https://github.com/alexreisner/geocoder) for geocoding
|
|
|
111
118
|
To enable geocoding, add this line to your application’s Gemfile:
|
|
112
119
|
|
|
113
120
|
```ruby
|
|
114
|
-
gem
|
|
121
|
+
gem "geocoder"
|
|
115
122
|
```
|
|
116
123
|
|
|
117
124
|
And update `config/initializers/authtrail.rb`:
|
|
@@ -131,7 +138,7 @@ AuthTrail.job_queue = :low_priority
|
|
|
131
138
|
For privacy and performance, we recommend geocoding locally. Add this line to your application’s Gemfile:
|
|
132
139
|
|
|
133
140
|
```ruby
|
|
134
|
-
gem
|
|
141
|
+
gem "maxminddb"
|
|
135
142
|
```
|
|
136
143
|
|
|
137
144
|
For city-level geocoding, download the [GeoLite2 City database](https://dev.maxmind.com/geoip/geoip2/geolite2/) and create `config/initializers/geocoder.rb` with:
|
|
@@ -183,6 +190,20 @@ end
|
|
|
183
190
|
|
|
184
191
|
Check out [this example](https://github.com/ankane/authtrail/issues/40)
|
|
185
192
|
|
|
193
|
+
## Data Retention
|
|
194
|
+
|
|
195
|
+
Delete older data with:
|
|
196
|
+
|
|
197
|
+
```ruby
|
|
198
|
+
LoginActivity.where("created_at < ?", 2.years.ago).in_batches.delete_all
|
|
199
|
+
```
|
|
200
|
+
|
|
201
|
+
Delete data for a specific user with:
|
|
202
|
+
|
|
203
|
+
```ruby
|
|
204
|
+
LoginActivity.where(user_id: 1, user_type: "User").in_batches.delete_all
|
|
205
|
+
```
|
|
206
|
+
|
|
186
207
|
## Other Notes
|
|
187
208
|
|
|
188
209
|
We recommend using this in addition to Devise’s `Lockable` module and [Rack::Attack](https://github.com/kickstarter/rack-attack).
|
|
@@ -200,7 +221,7 @@ There are two notable changes to geocoding:
|
|
|
200
221
|
2. The `geocoder` gem is now an optional dependency. To use geocoding, add it to your Gemfile:
|
|
201
222
|
|
|
202
223
|
```ruby
|
|
203
|
-
gem
|
|
224
|
+
gem "geocoder"
|
|
204
225
|
```
|
|
205
226
|
|
|
206
227
|
### 0.2.0
|
data/lib/auth_trail/engine.rb
CHANGED
data/lib/auth_trail/version.rb
CHANGED
|
@@ -6,9 +6,12 @@ module Authtrail
|
|
|
6
6
|
include ActiveRecord::Generators::Migration
|
|
7
7
|
source_root File.join(__dir__, "templates")
|
|
8
8
|
|
|
9
|
+
class_option :encryption, type: :string
|
|
10
|
+
# deprecated
|
|
9
11
|
class_option :lockbox, type: :boolean
|
|
10
12
|
|
|
11
13
|
def copy_migration
|
|
14
|
+
encryption # ensure valid
|
|
12
15
|
migration_template "login_activities_migration.rb", "db/migrate/create_login_activities.rb", migration_version: migration_version
|
|
13
16
|
end
|
|
14
17
|
|
|
@@ -17,10 +20,13 @@ module Authtrail
|
|
|
17
20
|
end
|
|
18
21
|
|
|
19
22
|
def generate_model
|
|
20
|
-
|
|
21
|
-
|
|
23
|
+
case encryption
|
|
24
|
+
when "lockbox"
|
|
25
|
+
template "model_lockbox.rb", "app/models/login_activity.rb", lockbox_method: lockbox_method
|
|
26
|
+
when "activerecord"
|
|
27
|
+
template "model_activerecord.rb", "app/models/login_activity.rb"
|
|
22
28
|
else
|
|
23
|
-
template "
|
|
29
|
+
template "model_none.rb", "app/models/login_activity.rb"
|
|
24
30
|
end
|
|
25
31
|
end
|
|
26
32
|
|
|
@@ -29,23 +35,48 @@ module Authtrail
|
|
|
29
35
|
end
|
|
30
36
|
|
|
31
37
|
def identity_column
|
|
32
|
-
|
|
38
|
+
case encryption
|
|
39
|
+
when "lockbox"
|
|
33
40
|
"t.text :identity_ciphertext\n t.string :identity_bidx, index: true"
|
|
34
41
|
else
|
|
42
|
+
# TODO add limit: 510 for Active Record encryption + MySQL?
|
|
35
43
|
"t.string :identity, index: true"
|
|
36
44
|
end
|
|
37
45
|
end
|
|
38
46
|
|
|
39
47
|
def ip_column
|
|
40
|
-
|
|
48
|
+
case encryption
|
|
49
|
+
when "lockbox"
|
|
41
50
|
"t.text :ip_ciphertext\n t.string :ip_bidx, index: true"
|
|
42
51
|
else
|
|
52
|
+
# TODO add limit: 510 for Active Record encryption + MySQL?
|
|
43
53
|
"t.string :ip, index: true"
|
|
44
54
|
end
|
|
45
55
|
end
|
|
46
56
|
|
|
47
|
-
|
|
48
|
-
|
|
57
|
+
# TODO remove default
|
|
58
|
+
def encryption
|
|
59
|
+
case options[:encryption]
|
|
60
|
+
when "lockbox", "activerecord", "none"
|
|
61
|
+
options[:encryption]
|
|
62
|
+
when nil
|
|
63
|
+
if options[:lockbox]
|
|
64
|
+
# TODO deprecation warning
|
|
65
|
+
"lockbox"
|
|
66
|
+
else
|
|
67
|
+
"none"
|
|
68
|
+
end
|
|
69
|
+
else
|
|
70
|
+
abort "Error: encryption must be lockbox, activerecord, or none"
|
|
71
|
+
end
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
def lockbox_method
|
|
75
|
+
if defined?(Lockbox::VERSION) && Lockbox::VERSION.to_i < 1
|
|
76
|
+
"encrypts"
|
|
77
|
+
else
|
|
78
|
+
"has_encrypted"
|
|
79
|
+
end
|
|
49
80
|
end
|
|
50
81
|
end
|
|
51
82
|
end
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
class LoginActivity < ApplicationRecord
|
|
2
|
+
belongs_to :user, polymorphic: true, optional: true
|
|
3
|
+
|
|
4
|
+
encrypts :identity, deterministic: true
|
|
5
|
+
encrypts :ip, deterministic: true
|
|
6
|
+
|
|
7
|
+
before_save :reduce_precision
|
|
8
|
+
|
|
9
|
+
# reduce precision to city level to protect IP
|
|
10
|
+
def reduce_precision
|
|
11
|
+
self.latitude = latitude&.round(1) if try(:latitude_changed?)
|
|
12
|
+
self.longitude = longitude&.round(1) if try(:longitude_changed?)
|
|
13
|
+
end
|
|
14
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authtrail
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Kane
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-06-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: railties
|
|
@@ -69,8 +69,9 @@ files:
|
|
|
69
69
|
- lib/generators/authtrail/install_generator.rb
|
|
70
70
|
- lib/generators/authtrail/templates/initializer.rb.tt
|
|
71
71
|
- lib/generators/authtrail/templates/login_activities_migration.rb.tt
|
|
72
|
-
- lib/generators/authtrail/templates/
|
|
72
|
+
- lib/generators/authtrail/templates/model_activerecord.rb.tt
|
|
73
73
|
- lib/generators/authtrail/templates/model_lockbox.rb.tt
|
|
74
|
+
- lib/generators/authtrail/templates/model_none.rb.tt
|
|
74
75
|
homepage: https://github.com/ankane/authtrail
|
|
75
76
|
licenses:
|
|
76
77
|
- MIT
|
|
@@ -90,7 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
90
91
|
- !ruby/object:Gem::Version
|
|
91
92
|
version: '0'
|
|
92
93
|
requirements: []
|
|
93
|
-
rubygems_version: 3.
|
|
94
|
+
rubygems_version: 3.3.7
|
|
94
95
|
signing_key:
|
|
95
96
|
specification_version: 4
|
|
96
97
|
summary: Track Devise login activity
|
|
File without changes
|