authtrail 0.1.1 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0d0affe4e892e8dac1a1ddc212ebb6834ef1de340f782de0f4a19dcc230e0a51
-  data.tar.gz: 72b45a58e89181f07ea0c58e3875e67948287a2b1b0fc9aa627eac6be8aee5f8
+  metadata.gz: 686cc3a7c96d52e4cf5ac79c4268bdb0cd9b670978ac23668af4e8e0d4f11b08
+  data.tar.gz: 073fd3fefbe1cee4eca8daa2ee3fe13ea2aefd1c3f3d1d868daafa1fe40b7511
 SHA512:
-  metadata.gz: 25b90ec6e2059c37c405e3e647cc39c12d3ece6a12697ac0403f0ca4b07c7b288ff73194c6fe07af1fed558bd94feb1e870e267dfba5fd6abd8adf5e3a6e18a2
-  data.tar.gz: 18428f49536b942f47d260e6d4251eaaae57c7cc6fddcb3d35fba1a3a6bb8adc8492453530569ab0c21b84181ffd2e92672ea8762ccb1c59dcb8c167c6037127
+  metadata.gz: 5b2afdc6ab493f2d8c3759d9d0d145b518f3447250889ce5013f737629d3bd89248ddb7413d8f75c2452a221ed950404355a9763814bdcfffe158bb89a7a2da7
+  data.tar.gz: ac21a072dd8328cb749a65aedd12188de9cc93501d5ad54bb4ada4b0a56e24bc1cc1116f8d32dfeb3c8a3d28a066258ffc05bbec655c94ec08a30c3ff7e1fee0

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+## 0.1.2
+
+- Added `identity_method` option
+- Fixed geocoding
+
 ## 0.1.1
 
 - Improved strategy detection for failures

data/README.md

@@ -16,7 +16,7 @@ And run:
 
 ```sh
 rails generate authtrail:install
-rake db:migrate
+rails db:migrate
 ```
 
 ## How It Works
@@ -35,40 +35,100 @@ A `LoginActivity` record is created every time a user tries to login. You can th
 - `city`, `region`, and `country` - from IP
 - `created_at` - time of event
 
-IP geocoding is performed in a background job so it doesn’t slow down web requests. You can disable it entirely with:
-
-```ruby
-AuthTrail.geocode = false
-```
-
 ## Features
 
 Exclude certain attempts from tracking - useful if you run acceptance tests
 
 ```ruby
-AuthTrail.exclude_method = proc do |info|
+AuthTrail.exclude_method = lambda do |info|
   info[:identity] == "capybara@example.org"
 end
 ```
 
-Write data somewhere other than the `login_activities` table.
+Write data somewhere other than the `login_activities` table
 
 ```ruby
-AuthTrail.track_method = proc do |info|
+AuthTrail.track_method = lambda do |info|
   # code
 end
 ```
 
+Use a custom identity method [master]
+
+```ruby
+AuthTrail.identity_method = lambda do |request, opts, user|
+  if user
+    user.email
+  else
+    request.params.dig(opts[:scope], :email)
+  end
+end
+```
+
+Associate login activity with your user model
+
+```ruby
+class User < ApplicationRecord
+  has_many :login_activities, as: :user # use :user no matter what your model name
+end
+```
+
+The `LoginActivity` model uses a [polymorphic association](http://guides.rubyonrails.org/association_basics.html#polymorphic-associations) so it can be associated with different user models.
+
+## Geocoding
+
+IP geocoding is performed in a background job so it doesn’t slow down web requests. You can disable it entirely with:
+
+```ruby
+AuthTrail.geocode = false
+```
+
 Set job queue for geocoding
 
 ```ruby
 AuthTrail::GeocodeJob.queue_as :low
 ```
 
+### Geocoding Performance
+
+To avoid calls to a remote API, download the [GeoLite2 City database](https://dev.maxmind.com/geoip/geoip2/geolite2/) and configure Geocoder to use it.
+
+Add this line to your application’s Gemfile:
+
+```ruby
+gem 'maxminddb'
+```
+
+And create an initializer at `config/initializers/geocoder.rb` with:
+
+```ruby
+Geocoder.configure(
+  ip_lookup: :geoip2,
+  geoip2: {
+    file: Rails.root.join("lib", "GeoLite2-City.mmdb")
+  }
+)
+```
+
+## Data Protection
+
+Protect the privacy of your users by encrypting fields that contain personal information, such as `identity` and `ip`. [attr_encrypted](https://github.com/attr-encrypted/attr_encrypted) is great for this.
+
+```ruby
+class LoginActivity < ApplicationRecord
+  attr_encrypted :identity, ...
+  attr_encrypted :ip, ...
+end
+```
+
+You should also make it clear that you collect this information in your privacy policy.
+
 ## Other Notes
 
 We recommend using this in addition to Devise’s `Lockable` module and [Rack::Attack](https://github.com/kickstarter/rack-attack).
 
+Check out [Hardening Devise](https://github.com/ankane/shorts/blob/master/Hardening-Devise.md) and [Secure Rails](https://github.com/ankane/secure_rails) for more best practices.
+
 Works with Rails 5+
 
 ## History

data/app/jobs/auth_trail/geocode_job.rb

@@ -3,7 +3,7 @@ module AuthTrail
     def perform(login_activity)
       result =
         begin
-          Geocoder.search(login_activity.ip).first.try(:data)
+          Geocoder.search(login_activity.ip).first
         rescue => e
           Rails.logger.info "Geocode failed: #{e.message}"
           nil
@@ -11,9 +11,9 @@ module AuthTrail
 
       if result
         login_activity.update!(
-          city: result["city"].presence,
-          region: result["region_name"].presence,
-          country: result["country_name"].presence
+          city: result.try(:city).presence,
+          region: result.try(:state).presence,
+          country: result.try(:country).presence
         )
       end
     end

data/lib/auth_trail/manager.rb

@@ -6,12 +6,10 @@ module AuthTrail
         AuthTrail.safely do
           request = ActionDispatch::Request.new(auth.env)
 
-          identity = user.try(:email)
-
           AuthTrail.track(
             strategy: detect_strategy(auth),
             scope: opts[:scope].to_s,
-            identity: identity,
+            identity: AuthTrail.identity_method.call(request, opts, user),
             success: true,
             request: request,
             user: user
@@ -24,13 +22,10 @@ module AuthTrail
           if opts[:message]
             request = ActionDispatch::Request.new(env)
 
-            scope = opts[:scope]
-            identity = request.params[scope] && request.params[scope][:email] rescue nil
-
             AuthTrail.track(
               strategy: detect_strategy(env["warden"]),
-              scope: scope.to_s,
-              identity: identity,
+              scope: opts[:scope].to_s,
+              identity: AuthTrail.identity_method.call(request, opts, nil),
               success: false,
               request: request,
               failure_reason: opts[:message].to_s

data/lib/auth_trail/version.rb

@@ -1,3 +1,3 @@
 module AuthTrail
-  VERSION = "0.1.1"
+  VERSION = "0.1.2"
 end

data/lib/authtrail.rb

@@ -9,9 +9,17 @@ require "auth_trail/version"
 
 module AuthTrail
   class << self
-    attr_accessor :exclude_method, :geocode, :track_method
+    attr_accessor :exclude_method, :geocode, :track_method, :identity_method
   end
   self.geocode = true
+  self.identity_method = lambda do |request, opts, user|
+    if user
+      user.try(:email)
+    else
+      scope = opts[:scope]
+      request.params[scope] && request.params[scope][:email] rescue nil
+    end
+  end
 
   def self.track(strategy:, scope:, identity:, success:, request:, user: nil, failure_reason: nil)
     info = {
@@ -21,12 +29,15 @@ module AuthTrail
       success: success,
       failure_reason: failure_reason,
       user: user,
-      context: "#{request.params[:controller]}##{request.params[:action]}",
       ip: request.remote_ip,
       user_agent: request.user_agent,
       referrer: request.referrer
     }
 
+    if request.params[:controller]
+      info[:context] = "#{request.params[:controller]}##{request.params[:action]}"
+    end
+
     # if exclude_method throws an exception, default to not excluding
     exclude = AuthTrail.exclude_method && AuthTrail.safely(default: false) { AuthTrail.exclude_method.call(info) }
 

data/lib/generators/authtrail/templates/login_activities_migration.rb

@@ -1,19 +1,19 @@
 class <%= migration_class_name %> < ActiveRecord::Migration<%= migration_version %>
   def change
     create_table :login_activities do |t|
-      t.text :scope
-      t.text :strategy
+      t.string :scope
+      t.string :strategy
       t.string :identity
       t.boolean :success
-      t.text :failure_reason
+      t.string :failure_reason
       t.references :user, polymorphic: true
-      t.text :context
+      t.string :context
       t.string :ip
       t.text :user_agent
       t.text :referrer
-      t.text :city
-      t.text :region
-      t.text :country
+      t.string :city
+      t.string :region
+      t.string :country
       t.datetime :created_at
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authtrail
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors:
 - Andrew Kane
 autorequire: 
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2018-07-13 00:00:00.000000000 Z
+date: 2018-07-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -109,20 +109,15 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 description: 
-email:
-- andrew@chartkick.com
+email: andrew@chartkick.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
 - CHANGELOG.md
-- Gemfile
 - LICENSE.txt
 - README.md
-- Rakefile
 - app/jobs/auth_trail/geocode_job.rb
-- authtrail.gemspec
 - lib/auth_trail/engine.rb
 - lib/auth_trail/manager.rb
 - lib/auth_trail/version.rb
@@ -131,7 +126,8 @@ files:
 - lib/generators/authtrail/templates/login_activities_migration.rb
 - lib/generators/authtrail/templates/login_activity_model.rb
 homepage: https://github.com/ankane/authtrail
-licenses: []
+licenses:
+- MIT
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -141,7 +137,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/.gitignore

@@ -1,9 +0,0 @@
-/.bundle/
-/.yardoc
-/_yardoc/
-/coverage/
-/doc/
-/pkg/
-/spec/reports/
-/tmp/
-Gemfile.lock

data/Gemfile

@@ -1,6 +0,0 @@
-source "https://rubygems.org"
-
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
-
-# Specify your gem's dependencies in authtrail.gemspec
-gemspec

data/Rakefile

@@ -1,10 +0,0 @@
-require "bundler/gem_tasks"
-require "rake/testtask"
-
-Rake::TestTask.new(:test) do |t|
-  t.libs << "test"
-  t.libs << "lib"
-  t.test_files = FileList["test/**/*_test.rb"]
-end
-
-task default: :test

data/authtrail.gemspec

@@ -1,30 +0,0 @@
-
-lib = File.expand_path("../lib", __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require "auth_trail/version"
-
-Gem::Specification.new do |spec|
-  spec.name          = "authtrail"
-  spec.version       = AuthTrail::VERSION
-  spec.authors       = ["Andrew Kane"]
-  spec.email         = ["andrew@chartkick.com"]
-
-  spec.summary       = "Track Devise login activity"
-  spec.homepage      = "https://github.com/ankane/authtrail"
-
-  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(test|spec|features)/})
-  end
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
-
-  spec.add_dependency "railties", ">= 5"
-  spec.add_dependency "activerecord", ">= 5"
-  spec.add_dependency "warden"
-  spec.add_dependency "geocoder"
-
-  spec.add_development_dependency "bundler"
-  spec.add_development_dependency "rake"
-  spec.add_development_dependency "minitest"
-end