authtrail 0.3.1 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/README.md +23 -1
- data/app/jobs/auth_trail/geocode_job.rb +4 -0
- data/lib/auth_trail/version.rb +1 -1
- data/lib/authtrail.rb +1 -2
- data/lib/generators/authtrail/templates/initializer.rb.tt +2 -2
- metadata +3 -17
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fc8ae231bde9d10834ea6a7fa2fb0cd50a12e351ba2296abb15b743975fad197
|
|
4
|
+
data.tar.gz: c52435deca659cd45a8ed647daccaf8b19e9d7d92374db06be69c63cbcc6b1e3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8531404800e70b37e0f6bca1fd79f690bfe36434efe768c926fa7248f1f50d803de16aa3324ecaa656c142940e69de35f80d2c5f4699f5408fbd92f41e5c24b0
|
|
7
|
+
data.tar.gz: bd4daf16b7ad615477cdbf0592f45d789fa7b6b0ba759c417f6e4e89888e2b4014dae6a2b48333a9863b6b1b0670082f9b9808da327dc790f2e0f173d6d63714
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
|
|
3
3
|
Track Devise login activity
|
|
4
4
|
|
|
5
|
+
**AuthTrail 0.4.0 was recently released** - see [how to upgrade](#upgrading)
|
|
6
|
+
|
|
5
7
|
:tangerine: Battle-tested at [Instacart](https://www.instacart.com/opensource)
|
|
6
8
|
|
|
7
9
|
[](https://github.com/ankane/authtrail/actions)
|
|
@@ -28,6 +30,8 @@ rails generate authtrail:install
|
|
|
28
30
|
rails db:migrate
|
|
29
31
|
```
|
|
30
32
|
|
|
33
|
+
To enable geocoding, see the [Geocoding section](#geocoding).
|
|
34
|
+
|
|
31
35
|
## How It Works
|
|
32
36
|
|
|
33
37
|
A `LoginActivity` record is created every time a user tries to login. You can then use this information to detect suspicious behavior. Data includes:
|
|
@@ -104,7 +108,13 @@ The `LoginActivity` model uses a [polymorphic association](https://guides.rubyon
|
|
|
104
108
|
|
|
105
109
|
AuthTrail uses [Geocoder](https://github.com/alexreisner/geocoder) for geocoding. We recommend configuring [local geocoding](#local-geocoding) or [load balancer geocoding](#load-balancer-geocoding) so IP addresses are not sent to a 3rd party service. If you do use a 3rd party service and adhere to GDPR, be sure to add it to your subprocessor list.
|
|
106
110
|
|
|
107
|
-
To enable geocoding,
|
|
111
|
+
To enable geocoding, add this line to your application’s Gemfile:
|
|
112
|
+
|
|
113
|
+
```ruby
|
|
114
|
+
gem 'geocoder'
|
|
115
|
+
```
|
|
116
|
+
|
|
117
|
+
And update `config/initializers/authtrail.rb`:
|
|
108
118
|
|
|
109
119
|
```ruby
|
|
110
120
|
AuthTrail.geocode = true
|
|
@@ -180,6 +190,18 @@ Check out [Hardening Devise](https://ankane.org/hardening-devise) and [Secure Ra
|
|
|
180
190
|
|
|
181
191
|
## Upgrading
|
|
182
192
|
|
|
193
|
+
### 0.4.0
|
|
194
|
+
|
|
195
|
+
There are two notable changes to geocoding:
|
|
196
|
+
|
|
197
|
+
1. Geocoding is now disabled by default (this was already the case for new installations with 0.3.0+). Check out the instructions for [how to enable it](#geocoding) (you may need to create `config/initializers/authtrail.rb`).
|
|
198
|
+
|
|
199
|
+
2. The `geocoder` gem is now an optional dependency. To use geocoding, add it to your Gemfile:
|
|
200
|
+
|
|
201
|
+
```ruby
|
|
202
|
+
gem 'geocoder'
|
|
203
|
+
```
|
|
204
|
+
|
|
183
205
|
### 0.2.0
|
|
184
206
|
|
|
185
207
|
To store latitude and longitude, create a migration with:
|
|
@@ -8,6 +8,9 @@ module AuthTrail
|
|
|
8
8
|
result =
|
|
9
9
|
begin
|
|
10
10
|
Geocoder.search(login_activity.ip).first
|
|
11
|
+
rescue NameError
|
|
12
|
+
# geocoder gem not installed
|
|
13
|
+
raise
|
|
11
14
|
rescue => e
|
|
12
15
|
Rails.logger.info "Geocode failed: #{e.message}"
|
|
13
16
|
nil
|
|
@@ -18,6 +21,7 @@ module AuthTrail
|
|
|
18
21
|
city: result.try(:city),
|
|
19
22
|
region: result.try(:state),
|
|
20
23
|
country: result.try(:country),
|
|
24
|
+
country_code: result.try(:country_code),
|
|
21
25
|
latitude: result.try(:latitude),
|
|
22
26
|
longitude: result.try(:longitude)
|
|
23
27
|
}
|
data/lib/auth_trail/version.rb
CHANGED
data/lib/authtrail.rb
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# dependencies
|
|
2
|
-
require "geocoder"
|
|
3
2
|
require "warden"
|
|
4
3
|
|
|
5
4
|
# modules
|
|
@@ -11,7 +10,7 @@ module AuthTrail
|
|
|
11
10
|
class << self
|
|
12
11
|
attr_accessor :exclude_method, :geocode, :track_method, :identity_method, :job_queue, :transform_method
|
|
13
12
|
end
|
|
14
|
-
self.geocode =
|
|
13
|
+
self.geocode = false
|
|
15
14
|
self.identity_method = lambda do |request, opts, user|
|
|
16
15
|
if user
|
|
17
16
|
user.try(:email)
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
# set to true for geocoding
|
|
2
|
-
# we recommend configuring local geocoding
|
|
1
|
+
# set to true for geocoding (and add the geocoder gem to your Gemfile)
|
|
2
|
+
# we recommend configuring local geocoding as well
|
|
3
3
|
# see https://github.com/ankane/authtrail#geocoding
|
|
4
4
|
AuthTrail.geocode = false
|
|
5
5
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authtrail
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andrew Kane
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-08-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: railties
|
|
@@ -52,20 +52,6 @@ dependencies:
|
|
|
52
52
|
- - ">="
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
54
|
version: '0'
|
|
55
|
-
- !ruby/object:Gem::Dependency
|
|
56
|
-
name: geocoder
|
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
|
58
|
-
requirements:
|
|
59
|
-
- - ">="
|
|
60
|
-
- !ruby/object:Gem::Version
|
|
61
|
-
version: '0'
|
|
62
|
-
type: :runtime
|
|
63
|
-
prerelease: false
|
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
65
|
-
requirements:
|
|
66
|
-
- - ">="
|
|
67
|
-
- !ruby/object:Gem::Version
|
|
68
|
-
version: '0'
|
|
69
55
|
description:
|
|
70
56
|
email: andrew@ankane.org
|
|
71
57
|
executables: []
|
|
@@ -104,7 +90,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
104
90
|
- !ruby/object:Gem::Version
|
|
105
91
|
version: '0'
|
|
106
92
|
requirements: []
|
|
107
|
-
rubygems_version: 3.2.
|
|
93
|
+
rubygems_version: 3.2.22
|
|
108
94
|
signing_key:
|
|
109
95
|
specification_version: 4
|
|
110
96
|
summary: Track Devise login activity
|