beskar 0.0.2 → 0.1.0

data/app/views/beskar/banned_ips/show.html.erb

@@ -0,0 +1,310 @@
+<% content_for :page_title, "Banned IP: #{@banned_ip.ip_address}" %>
+
+<% content_for :header_actions do %>
+  <%= link_to "← Back to Banned IPs", banned_ips_path, class: "btn btn-secondary" %>
+  <%= link_to "Edit", edit_banned_ip_path(@banned_ip), class: "btn btn-secondary" %>
+  <%= link_to "Unban", banned_ip_path(@banned_ip),
+      data: {
+        "turbo-method": "delete",
+        "turbo-confirm": "Are you sure you want to unban #{@banned_ip.ip_address}?"
+      },
+      class: "btn btn-danger" %>
+<% end %>
+
+<!-- Ban Overview -->
+<div class="card">
+  <div class="card-header">
+    <h3 class="card-title">Ban Details</h3>
+    <div class="card-subtitle">IP Address: <%= @banned_ip.ip_address %></div>
+  </div>
+  <div class="card-body">
+    <div style="display: grid; grid-template-columns: repeat(auto-fit, minmax(250px, 1fr)); gap: 1.5rem;">
+      <!-- IP Address -->
+      <div>
+        <div style="font-size: 12px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.025em; color: #697386; margin-bottom: 0.5rem;">
+          IP Address
+        </div>
+        <div style="font-family: monospace; font-size: 18px; font-weight: 500; color: #1A1F36;">
+          <%= @banned_ip.ip_address %>
+        </div>
+        <% if @banned_ip.metadata&.dig("geolocation") %>
+          <div style="font-size: 13px; color: #697386; margin-top: 0.25rem;">
+            <%= [@banned_ip.metadata.dig("geolocation", "city"),
+                 @banned_ip.metadata.dig("geolocation", "region"),
+                 @banned_ip.metadata.dig("geolocation", "country")].compact.join(", ") %>
+          </div>
+        <% end %>
+      </div>
+
+      <!-- Status -->
+      <div>
+        <div style="font-size: 12px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.025em; color: #697386; margin-bottom: 0.5rem;">
+          Status
+        </div>
+        <div style="display: flex; align-items: center; gap: 0.75rem;">
+          <% if @banned_ip.permanent? %>
+            <span class="badge badge-critical">Permanent Ban</span>
+          <% elsif @banned_ip.active? %>
+            <span class="badge badge-danger">Active</span>
+          <% else %>
+            <span class="badge badge-neutral">Expired</span>
+          <% end %>
+        </div>
+        <% if @banned_ip.active? && !@banned_ip.permanent? && @banned_ip.expires_at %>
+          <div style="font-size: 13px; color: #697386; margin-top: 0.5rem;">
+            Expires in <%= distance_of_time_in_words(Time.current, @banned_ip.expires_at) %>
+          </div>
+        <% end %>
+      </div>
+
+      <!-- Reason -->
+      <div>
+        <div style="font-size: 12px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.025em; color: #697386; margin-bottom: 0.5rem;">
+          Ban Reason
+        </div>
+        <div style="font-size: 14px; color: #1A1F36;">
+          <%= @banned_ip.reason.humanize %>
+        </div>
+        <% if @banned_ip.details.present? %>
+          <div style="font-size: 13px; color: #697386; margin-top: 0.25rem;">
+            <%= @banned_ip.details %>
+          </div>
+        <% end %>
+      </div>
+
+      <!-- Banned At -->
+      <div>
+        <div style="font-size: 12px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.025em; color: #697386; margin-bottom: 0.5rem;">
+          Banned At
+        </div>
+        <div style="font-size: 14px; color: #1A1F36;">
+          <%= @banned_ip.banned_at.strftime("%B %d, %Y") %>
+        </div>
+        <div style="font-size: 13px; color: #697386; margin-top: 0.25rem;">
+          <%= @banned_ip.banned_at.strftime("%H:%M:%S %Z") %>
+          (<%= time_ago_in_words(@banned_ip.banned_at) %> ago)
+        </div>
+      </div>
+
+      <!-- Expires At -->
+      <div>
+        <div style="font-size: 12px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.025em; color: #697386; margin-bottom: 0.5rem;">
+          Expires At
+        </div>
+        <% if @banned_ip.permanent? %>
+          <div style="font-size: 14px; color: #D32F2F; font-weight: 500;">
+            Never (Permanent Ban)
+          </div>
+        <% elsif @banned_ip.expires_at %>
+          <div style="font-size: 14px; color: #1A1F36;">
+            <%= @banned_ip.expires_at.strftime("%B %d, %Y") %>
+          </div>
+          <div style="font-size: 13px; color: #697386; margin-top: 0.25rem;">
+            <%= @banned_ip.expires_at.strftime("%H:%M:%S %Z") %>
+          </div>
+        <% else %>
+          <div style="color: #C1C7D0;">Not set</div>
+        <% end %>
+      </div>
+
+      <!-- Violation Count -->
+      <div>
+        <div style="font-size: 12px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.025em; color: #697386; margin-bottom: 0.5rem;">
+          Violation Count
+        </div>
+        <div style="font-size: 24px; font-weight: 600; color: <%= @banned_ip.violation_count > 3 ? '#D32F2F' : '#1A1F36' %>;">
+          <%= @banned_ip.violation_count %>
+        </div>
+        <% if @banned_ip.violation_count > 0 %>
+          <div style="font-size: 13px; color: #697386; margin-top: 0.25rem;">
+            <%= @banned_ip.violation_count == 1 ? 'violation' : 'violations' %> recorded
+          </div>
+        <% end %>
+      </div>
+    </div>
+  </div>
+</div>
+
+<!-- Statistics -->
+<div class="card">
+  <div class="card-header">
+    <h3 class="card-title">IP Statistics</h3>
+    <div class="card-subtitle">Activity summary for <%= @banned_ip.ip_address %></div>
+  </div>
+  <div class="card-body">
+    <div style="display: grid; grid-template-columns: repeat(auto-fit, minmax(150px, 1fr)); gap: 1rem;">
+      <div style="text-align: center; padding: 1rem; background: #FAFBFC; border-radius: 6px;">
+        <div style="font-size: 24px; font-weight: 600; color: #1A1F36;">
+          <%= @stats[:total_events] %>
+        </div>
+        <div style="font-size: 11px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.025em; color: #697386; margin-top: 0.25rem;">
+          Total Events
+        </div>
+      </div>
+
+      <div style="text-align: center; padding: 1rem; background: #FAFBFC; border-radius: 6px;">
+        <div style="font-size: 24px; font-weight: 600; color: <%= @stats[:avg_risk_score] > 70 ? '#E91E63' : '#1A1F36' %>;">
+          <%= @stats[:avg_risk_score] %>
+        </div>
+        <div style="font-size: 11px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.025em; color: #697386; margin-top: 0.25rem;">
+          Avg Risk Score
+        </div>
+      </div>
+
+      <div style="text-align: center; padding: 1rem; background: #FAFBFC; border-radius: 6px;">
+        <div style="font-size: 24px; font-weight: 600; color: <%= @stats[:max_risk_score] > 85 ? '#D32F2F' : '#1A1F36' %>;">
+          <%= @stats[:max_risk_score] %>
+        </div>
+        <div style="font-size: 11px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.025em; color: #697386; margin-top: 0.25rem;">
+          Max Risk Score
+        </div>
+      </div>
+
+      <% if @stats[:first_seen] %>
+        <div style="text-align: center; padding: 1rem; background: #FAFBFC; border-radius: 6px;">
+          <div style="font-size: 13px; font-weight: 500; color: #1A1F36;">
+            <%= @stats[:first_seen].strftime("%Y-%m-%d") %>
+          </div>
+          <div style="font-size: 11px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.025em; color: #697386; margin-top: 0.25rem;">
+            First Seen
+          </div>
+        </div>
+      <% end %>
+
+      <% if @stats[:last_seen] %>
+        <div style="text-align: center; padding: 1rem; background: #FAFBFC; border-radius: 6px;">
+          <div style="font-size: 13px; font-weight: 500; color: #1A1F36;">
+            <%= @stats[:last_seen].strftime("%Y-%m-%d") %>
+          </div>
+          <div style="font-size: 11px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.025em; color: #697386; margin-top: 0.25rem;">
+            Last Seen
+          </div>
+        </div>
+      <% end %>
+    </div>
+  </div>
+</div>
+
+<!-- Metadata -->
+<% if @banned_ip.metadata.present? && @banned_ip.metadata.any? %>
+  <div class="card">
+    <div class="card-header">
+      <h3 class="card-title">Additional Metadata</h3>
+    </div>
+    <div class="card-body">
+      <pre style="font-family: monospace; font-size: 12px; background: #F4F5F7; padding: 1rem; border-radius: 6px; overflow-x: auto;"><%= JSON.pretty_generate(@banned_ip.metadata) %></pre>
+    </div>
+  </div>
+<% end %>
+
+<!-- Related Security Events -->
+<% if @related_events.any? %>
+  <div class="card">
+    <div class="card-header">
+      <h3 class="card-title">Related Security Events</h3>
+      <div class="card-subtitle"><%= @related_events.count %> events from this IP address</div>
+    </div>
+    <div class="card-body" style="padding: 0;">
+      <div class="table-container">
+        <table>
+          <thead>
+            <tr>
+              <th>Time</th>
+              <th>Event Type</th>
+              <th>User</th>
+              <th>Risk Score</th>
+              <th>Details</th>
+              <th>Actions</th>
+            </tr>
+          </thead>
+          <tbody>
+            <% @related_events.each do |event| %>
+              <tr>
+                <td>
+                  <div style="font-size: 13px;">
+                    <%= event.created_at.strftime("%Y-%m-%d") %>
+                  </div>
+                  <div style="font-size: 11px; color: #697386;">
+                    <%= event.created_at.strftime("%H:%M:%S") %>
+                  </div>
+                </td>
+                <td>
+                  <div style="font-size: 13px;">
+                    <%= format_event_type(event.event_type) %>
+                  </div>
+                  <div style="font-size: 11px; color: #697386;">
+                    <%= event.event_type %>
+                  </div>
+                </td>
+                <td>
+                  <% if event.user %>
+                    <div style="font-size: 13px;">
+                      <%= event.user.try(:email) || "User ##{event.user_id}" %>
+                    </div>
+                  <% elsif event.attempted_email %>
+                    <div style="font-size: 13px; color: #697386;">
+                      <%= event.attempted_email %>
+                    </div>
+                  <% else %>
+                    <span style="color: #C1C7D0;">-</span>
+                  <% end %>
+                </td>
+                <td>
+                  <span class="badge badge-<%= risk_level_class(event.risk_score) %>">
+                    <%= event.risk_score %>
+                  </span>
+                </td>
+                <td>
+                  <div style="font-size: 12px; max-width: 200px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;">
+                    <%= event.details || event.metadata&.dig("message") || "-" %>
+                  </div>
+                </td>
+                <td>
+                  <%= link_to "View", security_event_path(event), class: "btn btn-sm btn-secondary" %>
+                </td>
+              </tr>
+            <% end %>
+          </tbody>
+        </table>
+      </div>
+      <% if @related_events.count >= 20 %>
+        <div style="padding: 1rem; text-align: center; border-top: 1px solid #E3E8EE;">
+          <%= link_to "View All Events from this IP →", security_events_path(ip_address: @banned_ip.ip_address),
+              style: "color: var(--primary); text-decoration: none; font-size: 13px; font-weight: 500;" %>
+        </div>
+      <% end %>
+    </div>
+  </div>
+<% end %>
+
+<!-- Actions -->
+<div style="display: flex; gap: 1rem; margin-top: 2rem;">
+  <%= link_to "← Back to Banned IPs", banned_ips_path, class: "btn btn-secondary" %>
+  <%= link_to "Edit Ban", edit_banned_ip_path(@banned_ip), class: "btn btn-secondary" %>
+
+  <% if @banned_ip.active? && !@banned_ip.permanent? %>
+    <div style="display: flex; gap: 0.5rem; margin-left: auto;">
+      <%= form_with url: extend_banned_ip_path(@banned_ip), method: :post, local: true, style: "display: flex; gap: 0.5rem;" do |f| %>
+        <%= select_tag :duration,
+            options_for_select([
+              ['Extend 1 hour', '1h'],
+              ['Extend 6 hours', '6h'],
+              ['Extend 24 hours', '24h'],
+              ['Extend 7 days', '7d'],
+              ['Extend 30 days', '30d'],
+              ['Make Permanent', 'permanent']
+            ]),
+            style: "padding: 0.5rem 0.75rem; font-size: 14px;" %>
+        <%= submit_tag "Extend Ban", class: "btn btn-warning" %>
+      <% end %>
+    </div>
+  <% end %>
+
+  <%= link_to "Unban IP", banned_ip_path(@banned_ip),
+      data: {
+        "turbo-method": "delete",
+        "turbo-confirm": "Are you sure you want to unban #{@banned_ip.ip_address}?"
+      },
+      class: "btn btn-danger",
+      style: "margin-left: #{ @banned_ip.active? && !@banned_ip.permanent? ? '0' : 'auto' };" %>
+</div>

data/app/views/beskar/dashboard/index.html.erb

@@ -0,0 +1,280 @@
+<% content_for :page_title, "Security Dashboard" %>
+
+<% content_for :header_actions do %>
+  <div style="display: flex; gap: 0.5rem;">
+    <% ['1h', '6h', '24h', '7d', '30d'].each do |range| %>
+      <%= link_to range.upcase, dashboard_path(time_range: range),
+          class: "btn btn-sm #{@time_range == range ? 'btn-primary' : 'btn-secondary'}" %>
+    <% end %>
+  </div>
+<% end %>
+
+<!-- Stats Grid -->
+<div class="stats-grid">
+  <div class="stat-card">
+    <div class="stat-label">Total Events</div>
+    <div class="stat-value"><%= number_with_delimiter(@stats[:total_events]) %></div>
+    <div class="stat-change">In selected period</div>
+  </div>
+
+  <div class="stat-card">
+    <div class="stat-label">Failed Logins</div>
+    <div class="stat-value" style="color: var(--warning);">
+      <%= number_with_delimiter(@stats[:failed_logins]) %>
+    </div>
+    <div class="stat-change">Authentication failures</div>
+  </div>
+
+  <div class="stat-card">
+    <div class="stat-label">Blocked IPs</div>
+    <div class="stat-value" style="color: var(--danger);">
+      <%= number_with_delimiter(@stats[:blocked_ips]) %>
+    </div>
+    <div class="stat-change">Currently active</div>
+  </div>
+
+  <div class="stat-card">
+    <div class="stat-label">High Risk Events</div>
+    <div class="stat-value" style="color: var(--primary);">
+      <%= number_with_delimiter(@stats[:high_risk_events]) %>
+    </div>
+    <div class="stat-change">Score > 60</div>
+  </div>
+
+  <div class="stat-card">
+    <div class="stat-label">Critical Threats</div>
+    <div class="stat-value" style="color: #D32F2F;">
+      <%= number_with_delimiter(@stats[:critical_threats]) %>
+    </div>
+    <div class="stat-change">Score > 85</div>
+  </div>
+</div>
+
+<!-- Main Grid -->
+<div style="display: grid; grid-template-columns: 1fr 1fr; gap: 1.5rem; margin-bottom: 1.5rem;">
+  <!-- Risk Distribution -->
+  <div class="card">
+    <div class="card-header">
+      <h3 class="card-title">Risk Distribution</h3>
+      <div class="card-subtitle">Events by risk level</div>
+    </div>
+    <div class="card-body">
+      <div style="display: flex; flex-direction: column; gap: 1rem;">
+        <% total_risk_events = @risk_distribution.values.sum.to_f %>
+        <% @risk_distribution.each do |level, count| %>
+          <div style="display: flex; align-items: center; gap: 1rem;">
+            <div style="width: 80px; font-size: 12px; font-weight: 600; text-transform: uppercase; color: #697386;">
+              <%= level.to_s.capitalize %>
+            </div>
+            <div style="flex: 1; position: relative;">
+              <div style="background: #F4F5F7; height: 24px; border-radius: 4px; overflow: hidden;">
+                <% percentage = total_risk_events > 0 ? (count / total_risk_events * 100) : 0 %>
+                <div style="
+                  background: <%= case level
+                    when :low then '#4CAF50'
+                    when :medium then '#FF9800'
+                    when :high then '#E91E63'
+                    when :critical then '#D32F2F'
+                    end %>;
+                  width: <%= percentage %>%;
+                  height: 100%;
+                  transition: width 0.3s ease;
+                "></div>
+              </div>
+            </div>
+            <div style="width: 60px; text-align: right; font-size: 13px; font-weight: 600;">
+              <%= number_with_delimiter(count) %>
+            </div>
+          </div>
+        <% end %>
+      </div>
+    </div>
+  </div>
+
+  <!-- Event Types -->
+  <div class="card">
+    <div class="card-header">
+      <h3 class="card-title">Event Types</h3>
+      <div class="card-subtitle">Distribution by type</div>
+    </div>
+    <div class="card-body">
+      <div style="display: flex; flex-direction: column; gap: 0.75rem;">
+        <% @event_distribution.first(5).each do |event_type, count| %>
+          <div style="display: flex; justify-content: space-between; align-items: center; padding: 0.5rem 0; border-bottom: 1px solid #F4F5F7;">
+            <div>
+              <div style="font-size: 14px; color: #1A1F36;">
+                <%= format_event_type(event_type) %>
+              </div>
+              <div style="font-size: 12px; color: #697386; margin-top: 2px;">
+                <%= event_type %>
+              </div>
+            </div>
+            <div style="display: flex; align-items: center; gap: 0.75rem;">
+              <div style="font-size: 16px; font-weight: 600; color: #1A1F36;">
+                <%= number_with_delimiter(count) %>
+              </div>
+            </div>
+          </div>
+        <% end %>
+      </div>
+    </div>
+  </div>
+</div>
+
+<!-- Recent Activity and Top Threats -->
+<div style="display: grid; grid-template-columns: 2fr 1fr; gap: 1.5rem;">
+  <!-- Recent Security Events -->
+  <div class="card">
+    <div class="card-header">
+      <h3 class="card-title">Recent Security Events</h3>
+      <div class="card-subtitle">Latest activity across all monitors</div>
+    </div>
+    <div class="card-body" style="padding: 0;">
+      <div class="table-container">
+        <table>
+          <thead>
+            <tr>
+              <th>Time</th>
+              <th>Event Type</th>
+              <th>IP Address</th>
+              <th>User</th>
+              <th>Risk</th>
+              <th></th>
+            </tr>
+          </thead>
+          <tbody>
+            <% @recent_events.each do |event| %>
+              <tr>
+                <td>
+                  <div style="font-size: 13px;">
+                    <%= event.created_at.strftime("%H:%M:%S") %>
+                  </div>
+                  <div style="font-size: 11px; color: #697386;">
+                    <%= event.created_at.strftime("%Y-%m-%d") %>
+                  </div>
+                </td>
+                <td>
+                  <div style="font-size: 13px;">
+                    <%= format_event_type(event.event_type) %>
+                  </div>
+                </td>
+                <td>
+                  <div style="font-family: monospace; font-size: 13px;">
+                    <%= event.ip_address %>
+                  </div>
+                  <% if event.metadata&.dig("geolocation", "country") %>
+                    <div style="font-size: 11px; color: #697386;">
+                      <%= [event.metadata.dig("geolocation", "city"),
+                           event.metadata.dig("geolocation", "country")].compact.join(", ") %>
+                    </div>
+                  <% end %>
+                </td>
+                <td>
+                  <% if event.user %>
+                    <div style="font-size: 13px;">
+                      <%= event.user.try(:email) || "User ##{event.user_id}" %>
+                    </div>
+                  <% elsif event.attempted_email %>
+                    <div style="font-size: 13px; color: #697386;">
+                      <%= event.attempted_email %>
+                    </div>
+                  <% else %>
+                    <span style="color: #C1C7D0;">-</span>
+                  <% end %>
+                </td>
+                <td>
+                  <span class="badge badge-<%= risk_level_class(event.risk_score) %>">
+                    <%= event.risk_score %>
+                  </span>
+                </td>
+                <td>
+                  <%= link_to "View", security_event_path(event),
+                      class: "btn btn-sm btn-secondary" %>
+                </td>
+              </tr>
+            <% end %>
+          </tbody>
+        </table>
+      </div>
+      <div style="padding: 1rem; text-align: center; border-top: 1px solid #E3E8EE;">
+        <%= link_to "View All Security Events →", security_events_path,
+            style: "color: var(--primary); text-decoration: none; font-size: 13px; font-weight: 500;" %>
+      </div>
+    </div>
+  </div>
+
+  <!-- Top Threats & Active Bans -->
+  <div style="display: flex; flex-direction: column; gap: 1.5rem;">
+    <!-- Top Threat IPs -->
+    <div class="card">
+      <div class="card-header">
+        <h3 class="card-title">Top Threat IPs</h3>
+        <div class="card-subtitle">Most active suspicious IPs</div>
+      </div>
+      <div class="card-body">
+        <div style="display: flex; flex-direction: column; gap: 0.75rem;">
+          <% @top_threat_ips.each do |threat| %>
+            <div style="padding: 0.75rem; background: #FAFBFC; border-radius: 6px;">
+              <div style="display: flex; justify-content: space-between; align-items: start;">
+                <div>
+                  <div style="font-family: monospace; font-size: 13px; font-weight: 600; color: #1A1F36;">
+                    <%= threat.ip_address %>
+                  </div>
+                  <div style="font-size: 11px; color: #697386; margin-top: 4px;">
+                    <%= threat.event_count %> events ·
+                    Avg risk: <%= threat.avg_risk_score.round(1) %>
+                  </div>
+                </div>
+                <div style="display: flex; gap: 0.25rem;">
+                  <% if Beskar::BannedIp.banned?(threat.ip_address) %>
+                    <span class="badge badge-danger">Banned</span>
+                  <% else %>
+                    <%= link_to "Ban", new_banned_ip_path(ip_address: threat.ip_address, reason: 'high_threat_activity'),
+                        class: "btn btn-sm btn-danger", style: "padding: 0.25rem 0.5rem; font-size: 11px;" %>
+                  <% end %>
+                </div>
+              </div>
+            </div>
+          <% end %>
+        </div>
+      </div>
+    </div>
+
+    <!-- Active Bans -->
+    <div class="card">
+      <div class="card-header">
+        <h3 class="card-title">Active Bans</h3>
+        <div class="card-subtitle">Recently banned IPs</div>
+      </div>
+      <div class="card-body">
+        <div style="display: flex; flex-direction: column; gap: 0.5rem;">
+          <% @active_bans.each do |ban| %>
+            <div style="padding: 0.5rem 0; border-bottom: 1px solid #F4F5F7;">
+              <div style="display: flex; justify-content: space-between; align-items: start;">
+                <div>
+                  <div style="font-family: monospace; font-size: 13px; color: #1A1F36;">
+                    <%= ban.ip_address %>
+                  </div>
+                  <div style="font-size: 11px; color: #697386; margin-top: 2px;">
+                    <%= ban.reason.humanize %> ·
+                    <% if ban.permanent? %>
+                      Permanent
+                    <% else %>
+                      Expires <%= distance_of_time_in_words(Time.current, ban.expires_at) %>
+                    <% end %>
+                  </div>
+                </div>
+                <%= link_to "→", banned_ip_path(ban),
+                    style: "color: #697386; text-decoration: none; font-size: 14px;" %>
+              </div>
+            </div>
+          <% end %>
+        </div>
+        <div style="padding-top: 1rem; text-align: center;">
+          <%= link_to "Manage All Bans →", banned_ips_path,
+              style: "color: var(--primary); text-decoration: none; font-size: 13px; font-weight: 500;" %>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>